J
Jay Nesbitt
I'm using forms authentication along with role based authorization in my web
app. The problem I'm having is that when a user that has already been
authenticated tries to access an url that they are not authorized for, they
get kicked back to the login page. This makes no since to me since the user
has already been authenticated. Why does asp.net do this? Is there a
workaround for this that will allow me to present unauthorized users with a
custom "Access Denied" page? I know I could do this programatically in each
page but I would prefer a solution that would allow me to do it
declaritively in the web.config file. Any ideas?
Thanks
app. The problem I'm having is that when a user that has already been
authenticated tries to access an url that they are not authorized for, they
get kicked back to the login page. This makes no since to me since the user
has already been authenticated. Why does asp.net do this? Is there a
workaround for this that will allow me to present unauthorized users with a
custom "Access Denied" page? I know I could do this programatically in each
page but I would prefer a solution that would allow me to do it
declaritively in the web.config file. Any ideas?
Thanks