I'm using Membership Provider for create and manage users and roles in my site. I'm trying to restric access to a specific roles to the Account folder using web.config into this folder with this rule:
<system.web>
<authorization>
<allow roles="Administrator"/>
<deny users="*" />
</authorization>
</system.web>
I'm using Web Forms and forms authentication like show below:
<authentication mode="Forms">
<forms loginUrl="~/Login.aspx" timeout="2880" defaultUrl="~/" />
</authentication>
But when I try to access to page located into Account folder I'm getting:
HTTP Error 404.0 - Not Found The resource you are looking for has been removed, had its name changed, or is temporarily unavailable. Below a picture with the error:
How can I do for redirect to Login when the user try to access to unauthorized folder or url?
You are accessing the Login.aspx
like /Account/Login/Default.aspx
which doesn't exist.
Shouldn't that be ~/Account/Login.aspx
?
<authentication mode="Forms">
<forms loginUrl="~/Account/Login.aspx" timeout="2880" />
</authentication>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.