0

I have one application with Form Authentication.I have different levels of users.

When logged as Admin It has to show all the screens and when logged as Client the data need to restricted. I have logged as Client in Internet Explorer.After time out Its showing Admin's data .please tell me the way to get log in page after Timeout.

My Config File sttings are : protection="All" enableCrossAppRedirects="false" slidingExpiration="true"

Thanks, Rakesh.

Improve this question
3
  • Use different credentials for admin and client. Commented Dec 30, 2011 at 4:24
  • I am using different credentials ..But after 30 min ,if the page is reloaded its showing Admin Data automatically.How to avoid this.? Commented Jan 2, 2012 at 4:02
  • Create the cookies and see what happen. To logout use LoginStatus control or SingOut method of FormAuthentication class. Commented Jan 2, 2012 at 4:07

2 Answers 2

Reset to default
1

You can put all admin accessible pages in one folder and give folder level security to allow only user's in admin role to brose through the pages. And put all the pages to be accessible by users in client role in another folder, with accessible role to be client as well as admin.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Client and Admin can access all the pages ...But the data should be different in my application...Client should not be able to access all the data....but after 30 min in Client screen all the Admin data is showing..please tell me the way to avoid it.
0

You need to implement role based authorization as per below

<location path=”Admin”>
                <authorization>
                 <allow roles=”Admin” />       
                 <deny users=”*” />
                 <deny roles=”*” /> 
                </authorization>
</location> 

<location path=”Members”>
                    <authorization>
                     <allow roles=”Members” />       
                     <deny users=”*” />
                     <deny roles=”*” /> 
                    </authorization>
    </location>

Please refer this nice article for more details

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.