On Sep 28, 8:20 am, bobby <bo...@discussions.microsoft.comwrote:
have a web app where one page Default.aspx should be publicly accessable and
another Admin.aspx restricted to a certain local group. When I am on
Default.aspx. There is link which suppose to take me Admin.aspx but I want
too give security to that page and always it jumps me to Login.aspx page.
How can I do that.
How can I do this in a web.config? Can I specify different authorization
settings per file?
Hi Bobby
You can add these settings to you web.config:
<system.web>
<authentication mode="Forms">
<forms loginUrl="Login.aspx" />
</authentication>
</system.web>
<location path="Admin.aspx">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
If you need different settings for other files then you can add more
<locationsettings.
It's also possible to do the same thing using code, with something
like:
If Not User.IsInRole("Administrators") Then
Response.Redirect("Login.aspx")
End If
Chris