I think I'm missing something...
I can't seem to override .net's default setting to redirect users to the login.aspx page.
I want users who have been denied access to be redirected to a accessdenied.aspx page, but they get the login.aspx page.
To set up the example, I've got the files: under an "admin" folder:
In the /admin/web.config:
<allow roles="Admin" />
<deny users="*" />
In the root web.config... :
<forms defaultUrl="~/AccessDenied.aspx" cookieless="AutoDetect" />
Why doesn't it redirect users to AccessDenied.aspx?
After looking at TBH examples, I don't see any difference in the way I have it set up. How do I redirect "?" users to: login.aspx and "*" users to: accessdenied.aspx?
Any help would be great!