«

I've implemented forms authentication for my application. I would like to use
access rules by creating individual web.config files in folders to
allow/disallow access to directories. My problem is when I create an access
rule for a directory to disallow a role or user, when that user in the role
attempts to access the directory they are kicked out of the application which
is fine, but the login page has the redirect url pointing back to the page
they don't have access to (i.e.
http://localhost/App1/Login.aspx?Ret...dLoading.aspx).
Because the login page contains the non accessible redirected url, the user
justs loops back to the login page over and over again. Is there any way to
stop this without writing code page by page to check that a user is in a
certain role?

Is there an event I could capture to say whenever an access rule attempts to
kick someone out of the application, redirect them to a NoPermissions.aspx
page and have this event system wide not just per page?

"Brandon Stalte" wrote:

> I've implemented forms authentication for my application. I would like to use
> access rules by creating individual web.config files in folders to
> allow/disallow access to directories. My problem is when I create an access
> rule for a directory to disallow a role or user, when that user in the role
> attempts to access the directory they are kicked out of the application which
> is fine, but the login page has the redirect url pointing back to the page
> they don't have access to (i.e.
> http://localhost/App1/Login.aspx?Ret...dLoading.aspx).
> Because the login page contains the non accessible redirected url, the user
> justs loops back to the login page over and over again. Is there any way to
> stop this without writing code page by page to check that a user is in a
> certain role?