Does anyone know of a way to get ASP.NET Forms Authentication to not redirect back to the login page if a user is not allowed to visit a certain page or folder based on their role (and perhaps show a message instead)?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Does anyone know of a way to get ASP.NET Forms Authentication to not redirect back to the login page if a user is not allowed to visit a certain page or folder based on their role (and perhaps show a message instead)?
The redirect happens because the user is not authorized to see the page – not because she is not authenticated with the system. As such, the framework does not distinct between the situation where a user is “not logged in” and the situation where she is just “missing the required role”. If she does not have acccess, she is redirected to the login page – end of story.
What I usually do, is to create my login form with a
MultiViewwith a view for each of the two cases, as well as one for the case where the user asked for the login form himself. Then I do something like this to toggle between the different views:Rather than using a
MultiViewyou could also insert aResponse.Redirectin branch above, if this seems to make more sence in your application – e.g. if the three login forms are significantly diverse.