.NET Authentication - Access Denied Redirect

Posted on 2009-12-16
Last Modified: 2013-11-07

I'm trying to get an authenticated web user, who does not have permission to access an area (but is an authenticated user), to receive a redirect to an "Access Denied" page.  Currently they are just a redirected to the login page.

Please provide the complete code for the changes.

<script language="VB" runat="server">

Sub ProcessLogin(objSender As Object, objArgs As EventArgs)

  If FormsAuthentication.Authenticate(txtUser.Text, txtPassword.Text) Then

     FormsAuthentication.RedirectFromLoginPage(txtUser.Text, chkPersistLogin.Checked)


     ErrorMessage.InnerHtml = "<b>Your ID or Password are incorrect.</b> Please try again."

  End If

End Sub


Open in new window

Question by:webdevelop
    LVL 7

    Expert Comment

    how do you define who has access and who doesnt to the page? are you using ASP Membership?

    Author Comment

    Credentials and location path authorization are set in the web.config.  If I need to post parts of the web.config, let me know.

    LVL 7

    Expert Comment

    you can put the web page in a different folder and add another web.config file to that same folder with different rules.

    Author Comment


    I'm confused.  The web.config authentication settings are working, but the script rules are not.

    The problem is *if* a user is authenticated, but doesn't have access to view a sub-folder.  Currently, that type of authenticated user gets redirected back to the login screen.  I want them to get redirected to a "Not Authorized" or "Access Denied" page.

    Here is what happens:
    2 basic users:
    - 1 is admin (access to all sub-folders)
    - 1 is just a viewer (access just to some sub-folders)

    If "viewer" tries to access an admin page, they *currently* receive the login screen *again.*  They should get redirected to a "Not Authorized" or "Access Denied" page.

    How do I adjust the code snippet posted to make that happen?  I'm guessing it would be something like:
    If user is authenticated but doesn't have access Then
        redirect to /accessdenied.aspx
        .... Current code shown in first post....
    End If

    LVL 7

    Accepted Solution

    you need to somehow diffrentiate the two users. If you store their login info in a database than you can create a fields that stores their role and base your logic of off that.
    if you just base it on their name or id than u can check that also:

    If UserName = "NameHere" Then
    End If
    LVL 3

    Assisted Solution

    by:Rupesh P
    What kind of authentication you are using? how do you knows whther the user has access to the folder?

    if you automatically gets a 404 error,
    Set custom error in the web.config file

    option 1
     <customErrors mode="RemoteOnly" defaultRedirect="ErrorPage.aspx">
                <error statusCode="403" redirect="NoAccess.htm" />
                <error statusCode="404" redirect="FileNotFound.htm" />

    Create a FileNotFound.htm page , so,  he will be automatically redicted to there.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Introduction This article shows how to use the open source plupload control to upload multiple images. The images are resized on the client side before uploading and the upload is done in chunks. Background I had to provide a way for user…
    Problem Hi all,    While many today have fast Internet connection, there are many still who do not, or are connecting through devices with a slower connect, so light web pages and fast load times are still popular.    If your ASP.NET page …
    Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
    In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now