I have an ASP.NET website with two different sections, root website and an /Admin sub-folder. I wan开发者_运维技巧t to have two different forms authentication/login pages for them. /Admin folder should use/redirect /Admin/Login.aspx and root pages should use /Login.aspx. What should I do in web.config to accomplish this?
Have you looked at roles authentication?
You are building an Intranet expense report application for your organization, and want to enable role-based authentication and authorization capabilities within it. Specifically, you want to create logical roles called 'approvers', 'auditors', and 'administrators' for the application, and grant/deny end-users access to functionality within the application based on whether they are in these roles.
Something along the lines of here
A couple options:
- Use the same authentication form. Then use roles to authorize access to admin
- Allow access to the login form by adding a location + authorize anonymous rule to the login's form path. Hook to events at the global.asax in order to redirect to the admin's login on unauthenticated/unauthorized access of /admin pages if that's desired.
精彩评论