I think I'm missing something...
I can't seem to override .net's default setting to redirect users to the login.aspx page.
I want users who have been denied access to be redirected to a accessdenied.aspx page, but they get the login.aspx page.
To set up the example, I've got the files: under an "admin" folder:
/admin/default.aspx
/admin/web.config .
In the /admin/web.config:
Code:
<authorization>
<allow roles="Admin" />
<deny users="*" />
</authorization>
In the root web.config... :
Code:
<authentication mode="Forms">
<forms defaultUrl="~/AccessDenied.aspx" cookieless="AutoDetect" />
</authentication>
Why doesn't it redirect users to AccessDenied.aspx?
After looking at TBH examples, I don't see any difference in the way I have it set up. How do I redirect "?" users to: login.aspx and "*" users to: accessdenied.aspx?
Any help would be great!