Hi,
We have roles defined in web.config and have setup our roles system
where we can use User.IsInRole. The problem is that when a page fails
a role check, ASP.NET redirects it to the Forms Authentication login
page, instead of throwing a 403 HTTP exception that I can catch and
redirect to a not authorized page. How can I catch when this happens
and override the default behavior?
Scott
scottw512@gmail.com wrote:
> Hi,
>
> We have roles defined in web.config and have setup our roles system
> where we can use User.IsInRole. The problem is that when a page fails
> a role check, ASP.NET redirects it to the Forms Authentication login
> page, instead of throwing a 403 HTTP exception that I can catch and
> redirect to a not authorized page. How can I catch when this happens
> and override the default behavior?
>
> Scott
The easiest way would be to let the forms tag in web.config point to your
not-authorized page.
This will redirect your non authenticated users to that page when they want
to access a not authorized page.
Then, you could put a link to the login page on this not-authorized page,
and everywhere else where appropriate.
--
Riki