roles in web.config


S

scottw512

Hi,

We have roles defined in web.config and have setup our roles system
where we can use User.IsInRole. The problem is that when a page fails
a role check, ASP.NET redirects it to the Forms Authentication login
page, instead of throwing a 403 HTTP exception that I can catch and
redirect to a not authorized page. How can I catch when this happens
and override the default behavior?

Scott
 
Ad

Advertisements

R

Riki

Hi,

We have roles defined in web.config and have setup our roles system
where we can use User.IsInRole. The problem is that when a page fails
a role check, ASP.NET redirects it to the Forms Authentication login
page, instead of throwing a 403 HTTP exception that I can catch and
redirect to a not authorized page. How can I catch when this happens
and override the default behavior?

Scott

The easiest way would be to let the forms tag in web.config point to your
not-authorized page.
<authentication mode="Forms">
<forms loginUrl="notauthorized.aspx" />
</authentication>

This will redirect your non authenticated users to that page when they want
to access a not authorized page.

Then, you could put a link to the login page on this not-authorized page,
and everywhere else where appropriate.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top