roles in web.config

Hi,

We have roles defined in web.config and have setup our roles system
where we can use User.IsInRole. The problem is that when a page fails
a role check, ASP.NET redirects it to the Forms Authentication login
page, instead of throwing a 403 HTTP exception that I can catch and
redirect to a not authorized page. How can I catch when this happens
and override the default behavior?

Scott
scottw512 [ Mo, 28 Januar 2008 15:56 ] [ ID #1917884 ]

Re: roles in web.config

scottw512 [at] gmail.com wrote:
> Hi,
>
> We have roles defined in web.config and have setup our roles system
> where we can use User.IsInRole. The problem is that when a page fails
> a role check, ASP.NET redirects it to the Forms Authentication login
> page, instead of throwing a 403 HTTP exception that I can catch and
> redirect to a not authorized page. How can I catch when this happens
> and override the default behavior?
>
> Scott

The easiest way would be to let the forms tag in web.config point to your
not-authorized page.
<authentication mode="Forms">
<forms loginUrl="notauthorized.aspx" />
</authentication>

This will redirect your non authenticated users to that page when they want
to access a not authorized page.

Then, you could put a link to the login page on this not-authorized page,
and everywhere else where appropriate.

--

Riki
Riki [ Mo, 28 Januar 2008 19:09 ] [ ID #1917926 ]
Microsoft » microsoft.public.dotnet.framework.aspnet » roles in web.config

Vorheriges Thema: Viewstate expires?
Nächstes Thema: Placing pre-formatted body text into Outlook email?

[ Startseite ] [ Administrator ] [ Suche ] [ Hinweise ] [ Impressum ]

Powered by FudForum