.NET forms authentication role-based redirection?

[Cory Lievers]

Hi there,

Thanks in advanced for any help.

I am new to .NET and am trying to do the following:
Certain paths within the application are public, while certain paths
only are for registered users, and certain paths for administrators.

Using the forms authentication within the web.config file, I can set
certain paths to be locked down to a certain "role". This works fine. A
non-authenticated user hits the url and gets sent to the Login page.

Here's my problem. If a user is already authenticated, but not of the
correct "role", it still redirects them to the Login page. What I would
like is to redirect them to a Permission Denied page (because they are
already logged in, just of a different role).

Any ideas how to do this?

Thanks very much,
Cory

 

[ME]

I would consider using a Login View control. If the page is displayed by
means of a redirect (maybe examine the Response object to determine this. I
haven't tried it but it should work.) simply add your "permission denied"
message to the "Logged In" view. Add your Anonymous message to the
"Anonymous" view. If the page is NOT a redirect you could display some
other message. A second alternative is to examine their assigned roles and
compare those roles to the resource being sought, then display the
appropriate message. I think a View control would probably work easiest.

Thanks,

Matt

 

[Cory Lievers]

Thanks for your reply Matt,

I'll try to find some information about this Login View Control.

regards,
Cory