Conditional forms authentication

[ajitgoel]

Hi;

I am using forms authentication for some new aspx screens in our site.
These pages need to be not accessible to users who do not have certain
rights while they need to be accessible to users who have these
rights. These rights would be determined at runtime and would come
from a webservice. Basically this is what I want to do

User has rights and user clicks on a page section that requires
logging in,
=>redirect user to login page
=>User logs in and the system redirects him to the originally
requested page section.

User does not have rights and user clicks on a page section that
requires logging in,
=>the system redirects him to the originally requested page section.

Also these new pages cannot be accessible to users who do not have the
appropriate rights.

Where would I write code to handle this "if else" case?? Would the
Page_PreInit method of the login page, be a good place or should I do
it in the global.asax's FormsAuthentication_OnAuthenticate event?? Is
it possible declaratively (in web.config possibily)?? I would not like
to make changes to the old screens as they are too huge in number and
would need to be retested for all scenarious.

Pointers\comments are higly appreciated.

Thanks,
Ajit Goel

 

[David]

Most of the examples of FormsAuthentication show you to create a folder and
secure that folder by your web.config, so that any pages in that folder that
are requested will result in the loginpage (also defined in web.config) to
be shown.

If a person has no access, then they don't get access to your pages.

--
Best regards,
Dave Colliver.
http://www.AshfieldFOCUS.com
~~
http://www.FOCUSPortals.com - Local franchises available