New Zealand's new Copyright Law presumes 'Guilt Upon Accusation' and will Cut Off Internet Connections without a trial. is against this unjust law - help us

A Space for All Things .NET Related

Displaying Access Denied for Authenticated User

By James Hippolite, in , posted: 21-May-2008 09:37

Learned a new trick:
  • User is authenticated, but not authorised to perform a certain function
  • Can protect the page that performs that function in web.config (snippet 1)
  • However, by default, when unauthorised user attempts to get to that page, they are shown the "Yellow Screen of Death"
  • Can alter this default behaviour in Login.aspx.vb, put this in Page_Load. (snippet 2)
<location path="Admin">
     <allow roles="Administrator"/>
      <deny users="*"/>

</location >

    If User.Identity.IsAuthenticated Then

       'You were redirected here becasue you're not authorised

       Session("sMessage") = "You are not authorised to perform that operation."


    End If

Other related posts:
Geek Post Monthly Newsletter Volume 2 Issue 6
Exam 70-300 Objective 3

Add a comment

Please note: comments that are inappropriate or promotional in nature will be deleted. E-mail addresses are not displayed, but you must enter a valid e-mail address to confirm your comments.

Are you a registered Geekzone user? Login to have the fields below automatically filled in for you and to enable links in comments. If you have (or qualify to have) a Geekzone Blog then your comment will be automatically confirmed and shown in this blog post.

Your name:

Your e-mail:

Your webpage:

JamesHip's profile

James Hippolite
New Zealand

Welcome to my technical blog. 

Here, I attempt to distill the Microsoft Certified Professional Developer knowledge I have accumulated since first qualifying MCP in 1996.  This blog started on 13 September 2007 as an off-shoot from my mixed up personal blog.  But it took a shot in the arm from Scott Hanselman's talk at TechEd New Zealand 08 "32 Ways To Make Your Blog Suck Less".