473,406 Members | 2,698 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > authorization policy help

Join Bytes to post your question to a community of 473,406 software developers and data experts.

authorization policy help

Hello,

Using policy (modifying web.config) and FormsAuthentication, is it
possible to return an error message (or redirect to error page) instead

of redirecting to the login page for specific users only?

Here's an example:
I have a section of my web app that is for admins only. The
authorization section of my web.config looks like.

<authentication mode="Forms">
<forms loginUrl="login.aspx">
<credentials passwordFormat="Clear">
<user name="admin" password="password"/>
<user name="guest" password="password" />
</credentials>
</forms>
</authentication>

<authorization>
<deny users="?"/>
</authorization>

Now, for the admin section of the web app, I have a seperate location
element:

<location path="admin">
<system.web>
<authorization>
<allow users="admin"/>
<deny users="*"/>
</authorization>
</system.web>
</location>

This ALMOST solves what I want. The only thing I don't like is that if
the user "guest" tries to access the admin section, they get redirected

to the login.aspx page again. Instead, I would like to redirect them to

an error page or just show an error message.

Is this possible at all using policy only (ie - via web.config)?

Thanks.

Oct 4 '06 #1
0 1244
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
AUTHORIZATION with WINDOWS AUTHENTICATION -- HELP!!
by: phreeskier | last post by:
i want to implement authorization with windows authentication and don't have the slightest clue of how to do this implementation. the basic windows authentication for this .NET application is...
ASP / Active Server Pages
4
Templates, policy-based design, partial specialisation and pointers
by: Erik Wikström | last post by:
In school (no I will not ask you to do my schoolwork for me) we talked about policy-based design and got an assignment where we got the a code- fragment from a stack-implementation. The idea with...
C / C++
10
General Enquiry on Privacy Policy
by: Hermit Dave | last post by:
Hi, Depending upon their security settings some users can not login due to their machine's Privacy Settings some how blocking the cookie (no privacy policy available)... which is encrypted......
ASP.NET
9
Detecting Failed Authorization
by: Bijoy Naick | last post by:
I've implemented forms authentication and authorization on my application. In my Web.Config, my authorization section looks like this.. <authorization> <allow roles="admin" /> <deny users="*"...
ASP.NET
5
Possible SET SESSION AUTHORIZATION bug
by: Chris Ochs | last post by:
It doesn't currently seem possible to switch between different users using SET SESSION AUTHORIZATION. If I log in as the superuser and switch to another user that works, but if I then switch to a...
PostgreSQL Database
14
Windows Authorization
by: tshad | last post by:
I am trying to set up an intranet at work that will use our Active directory to authorize our users. We also want them to access the site from the outside (such as at home) and also be...
ASP.NET
1
authorization - other than web.config?
by: Chang Lui | last post by:
This might be a stupid question - but is there any way to store authorization infomation (allow users="" deny users="") somewhere other then a web.config file. We have a very large site with many...
ASP.NET
0
User.IsInRole in fails unless authorization section limits access
by: ronscottlangham | last post by:
I have a web page that any authenticated user can access, but I dynamically enable/disable other asp.net controls on the web page based on the Role that they are in via C# code behind. My web...
ASP.NET
2
Server.Transfer() and authorization
by: Mike Placentra II | last post by:
Hi. When using Server.Transfer() to switch the request to a specific web form (as opposed to a class implementing IHttpHandler, if it makes any difference), do I have to do something special to...
ASP.NET
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!