Home/ Questions/Q 1035411
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-16T14:32:18+00:00

I am trying to use Role based authorization in declarative way, when unauthorized user

  • 0

I am trying to use Role based authorization in declarative way, when unauthorized user attempt to access a page, it never fire an exception or show the user an error message. What I should do to show unauthorized message? is that possible in declarative way?

using coding is not a nice option sense I have several roles, and folder authorized for several roles while other folders are authorized for one role.

thanks

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Use the following code in your Login page to redirect the user to either an unauthorized page or the default page.

        protected void Page_Load( object sender, EventArgs e )
    {
        if( Page.IsPostBack )
            return;

        if( !Request.IsAuthenticated )
            return;

        if( !string.IsNullOrEmpty( Request.QueryString["ReturnUrl"] ) && !UrlAuthorizationModule.CheckUrlAccessForPrincipal(Request.QueryString["ReturnUrl"], User,"GET"))
        {
            // In Forms Authentication, authenticated but unauthorized requests are converted into a Redirect to the Login page.  
            // Redirect these to an error page instead.
            Response.Redirect( "~/UnauthorizedAccess.aspx", false );
        }
        else
        {
            Response.Redirect( FormsAuthentication.DefaultUrl, false );
        }
    }

    See this link for a picture of what’s happening and more info:

    http://www.asp.net/security/tutorials/user-based-authorization-cs

    • 0