Restrict roles for specific folder with web.config
Question
I'm using this code for authenticating in web.config
<authentication mode="Forms">
<forms timeout="2000" name="A" loginUrl="login.aspx" protection="None" path="/"></forms>
</authentication>
and use this web.config in each folder
<?xml version="1.0"?>
<configuration>
<system.web>
<authorization>
<allow roles="Admin"/> // or other roles in different pages
</authorization>
</system.web>
</configuration>
When user without Admin Role wants to open this page , automatically redirect to "login.aspx"
Is it possible to redirect to other page like "access-denied.aspx"
1 answers
solution1
0 2012-03-25 12:56:02
Try this and let me know what happens?
<system.web>
<authorization>
<allow roles="Admin"/> // or other roles in different pages
<deny users ="*" />
</authorization>
</system.web>
Add this code to login page:
if (!IsPostBack)
{
if (User.Identity.IsAuthenticated)
{
if (!string.IsNullOrEmpty(Request.QueryString["ReturnUrl"]))
{
Response.Redirect("~/Admin/AccessDenied.aspx");
}
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Restrict access to file/folder in web.config
web.config - Ignore rewrite for specific folder
Mapping specific folder to HttpHandler in web.config
Allowing roles in web.config
Requiring Multiple Roles in Web.config Authorization
web.config authorization roles character escaping
Set AD Roles name on web.config
Restrict download for general files in Web.Config
how can I restrict access to all files in a folder without web.config
Sub Folder is affected by root web.config
Related Tags