Forms Auth/Membership & Roles Providers/Secured Directory

[Drew]

When using Forms Auth in conjunction with Membership and Roles provider, we
have limited a directory to only users with the role Administrators using the
following web.config:
<location path="administration">
<system.web>
<authorization>
<deny users="?"/>
<allow roles="Administrator"/>
<deny users="*" />
</authorization>
</system.web>
</location
When a standard already authenticated user tries navigate into that
directory, they are redirected to the login page. Can they be sent to a main
page instead? We have specified the defaultUrl in the forms auth tag with:
defaultUrl="~/Home.aspx" but the users are not being sent there. Am i doing
something wrong?

 

[Guest]

When using Forms Auth in conjunction with Membership and Roles provider, we
have limited a directory to only users with the role Administrators usingthe
following web.config:
    <location path="administration">
        <system.web>
            <authorization>
                <deny users="?"/>
                <allow roles="Administrator"/>
                <deny users="*" />
            </authorization>
        </system.web>
    </location
When a standard already authenticated user tries navigate into that
directory, they are redirected to the login page.  Can they be sent to a main
page instead?  We have specified the defaultUrl in the forms auth tag with:
defaultUrl="~/Home.aspx" but the users are not being sent there.  Am i doing
something wrong?

It seems that you don't need to add <deny users="?"/> when only
Administrator role is allowed. Did you try to add in the system.web
section (below location element)

<authentication mode="Forms">
<forms name="adminform" defaultUrl="default.aspx" loginUrl="/
home.aspx" path="/"/>
</authentication>

http://msdn.microsoft.com/en-us/library/aa302435.aspx#c19618429_011