locked
Page access for different Roles using Custom role provider RRS feed

  • Question

  • User-1248445343 posted

    Hi All,

    In my project we should allow the page depend upon the roles. We are having 4 different roles 1.Admin 2.Manager 3.Supervisor 4.Accountant .

    The accountant is having access for only 4 pages . All others are more than 10 pages.

    In the furture we will add a new page , Any of the four roles will be allow to access.

    We are having the table it contains user and related form names.

    How do i restrict the page access  using custom role provider ?

    Thanks,

    Saravanan

    Friday, April 4, 2014 4:38 AM

Answers

  • User-734925760 posted

    Hi,

    According to your description, if you want to redirect to different pages after login ok, we can check the roles then redirect to the page.

    The same time, we can add roles check in every page, then we can know which page the use will redirect to and check if the user can access via user role.

    Also we can add access for the pages in web.config:

    <location path="CustomersFolder/SecureFile.aspx">
    	<system.web>
    		<authorization>
    			<allow roles="Admin"/>
    			<deny users="*"/>
    		</authorization>
    	</system.web>
    </location>

    Hope it's useful for you.

    Best Regards,

    Michelle Ge

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, April 9, 2014 7:53 AM

All replies

  • User-1028151323 posted

    Have a security check in the page that fires on load and checks to determine if the the user should have access to that page. If not, redirect them to an explanation page.

    Friday, April 4, 2014 7:40 AM
  • User-734925760 posted

    Hi,

    According to your description, if you want to redirect to different pages after login ok, we can check the roles then redirect to the page.

    The same time, we can add roles check in every page, then we can know which page the use will redirect to and check if the user can access via user role.

    Also we can add access for the pages in web.config:

    <location path="CustomersFolder/SecureFile.aspx">
    	<system.web>
    		<authorization>
    			<allow roles="Admin"/>
    			<deny users="*"/>
    		</authorization>
    	</system.web>
    </location>

    Hope it's useful for you.

    Best Regards,

    Michelle Ge

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, April 9, 2014 7:53 AM