Home/ Questions/Q 7937005
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-03T22:23:55+00:00

I am using FormsAuthentication to prevent anonymous users from accessing any content on my

  • 0

I am using FormsAuthentication to prevent anonymous users from accessing any content on my site, other than the pages within /pages/security – this folder contains the login page, forgotten password, etc.

<authorization>
    <deny users="?" />
</authorization>
</system.web>
<location path="pages/security">
    <system.web>
        <authorization>
            <allow users ="?" />
        </authorization>
    </system.web>
</location>

This works fine, but I also want to deny access for AUTHENTICATED to the /pages/security pages, so that an authenticated user can’t access the login page or other related pages.

The above doesn’t work, so once logged-in I can still access the login page – what am I doing wrong?

Thanks.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You can use this approach.

    When a user is authenticated and you want to stop him from accessing login page etc. Then you can use these pages Page_Load event to check user’s authenticity if they are authentic redirect them to other page.
    For example

    if(IsUserAuthentic())
{
     Response.Redirect("Home.aspx"); 
}

    IsUserAuthentic() is your custom method which will check user’s authenticity.

    • 0