Most of the examples of FormsAuthentication show you to create a folder and
secure that folder by your web.config, so that any pages in that folder that
are requested will result in the loginpage (also defined in web.config) to
be shown.
If a person has no access, then they don't get access to your pages.
--
Best regards,
Dave Colliver.
http://www.AshfieldFOCUS.com
~~
http://www.FOCUSPortals.com - Local franchises available
<> wrote in message
news: ups.com...
> Hi;
>
> I am using forms authentication for some new aspx screens in our site.
> These pages need to be not accessible to users who do not have certain
> rights while they need to be accessible to users who have these
> rights. These rights would be determined at runtime and would come
> from a webservice. Basically this is what I want to do
>
> User has rights and user clicks on a page section that requires
> logging in,
> =>redirect user to login page
> =>User logs in and the system redirects him to the originally
> requested page section.
>
> User does not have rights and user clicks on a page section that
> requires logging in,
> =>the system redirects him to the originally requested page section.
>
> Also these new pages cannot be accessible to users who do not have the
> appropriate rights.
>
> Where would I write code to handle this "if else" case?? Would the
> Page_PreInit method of the login page, be a good place or should I do
> it in the global.asax's FormsAuthentication_OnAuthenticate event?? Is
> it possible declaratively (in web.config possibily)?? I would not like
> to make changes to the old screens as they are too huge in number and
> would need to be retested for all scenarious.
>
> Pointers\comments are higly appreciated.
>
> Thanks,
> Ajit Goel
>
Similar Threads
