문제
I'm using Membership Provider for create and manage users and roles in my site. I'm trying to restric access to a specific roles to the Account folder using web.config into this folder with this rule:
https://stackoverflow.com/questions/17573340
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian<system.web>
<authorization>
<allow roles="Administrator"/>
<deny users="*" />
</authorization>
</system.web>
I'm using Web Forms and forms authentication like show below:
<authentication mode="Forms">
<forms loginUrl="~/Login.aspx" timeout="2880" defaultUrl="~/" />
</authentication>
But when I try to access to page located into Account folder I'm getting:
HTTP Error 404.0 - Not Found The resource you are looking for has been removed, had its name changed, or is temporarily unavailable. Below a picture with the error:
How can I do for redirect to Login when the user try to access to unauthorized folder or url?
해결책
You are accessing the Login.aspx like /Account/Login/Default.aspx which doesn't exist.
Shouldn't that be ~/Account/Login.aspx?
<authentication mode="Forms">
<forms loginUrl="~/Account/Login.aspx" timeout="2880" />
</authentication>
