http://forums.asp.net/26.aspxConfiguring and deploying ASP.NET applications - web.config, \bin, etc.enCommunityServer 2007 SP1 (Build: 20510.895)http://forums.asp.net/thread/3273609.aspxFri, 03 Jul 2009 13:39:59 GMT4c671506-2930-414c-a40b-8bf57ded5924:3273609mandrews1234mandrews12340http://forums.asp.net/thread/3273609.aspxhttp://forums.asp.net/commentrss.aspx?SectionID=26&PostID=3273609<p>Did you guys see my if statement question. What is wrong with that? Also I tried the custom errors thing in my web.config but it still redirects to login.aspx. I can&#39;t use a logged in template because they are logged in, they just don&#39;t have the correct role. Am I correct on that? Thanks for all of your help.<br /></p>http://forums.asp.net/thread/3272255.aspxThu, 02 Jul 2009 20:48:06 GMT4c671506-2930-414c-a40b-8bf57ded5924:3272255briangreigbriangreig0http://forums.asp.net/thread/3272255.aspxhttp://forums.asp.net/commentrss.aspx?SectionID=26&PostID=3272255<p>&nbsp;Why not just add this&nbsp;to your Web.config files:</p> <p><span class="" style="FONT-SIZE:x-small;COLOR:#008000;FONT-FAMILY:;"><span class="" style="FONT-SIZE:x-small;COLOR:#008000;FONT-FAMILY:;"><pre class="xhtml" name="code">&lt;system.web&gt; &lt;customErrors mode=&quot;RemoteOnly&quot; defaultRedirect=&quot;GenericErrorPage.htm&quot;&gt; &lt;error statusCode=&quot;403&quot; redirect=&quot;PermissionsError.aspx&quot; /&gt; &lt;/customErrors&gt; &lt;/system.web&gt; </pre> <p>This will redirect all 403 errors (access denied) to your custom page. <br />Good Luck,<br />Brian<br /></p> <p>&nbsp;</p></span></span>http://forums.asp.net/thread/3272235.aspxThu, 02 Jul 2009 20:34:14 GMT4c671506-2930-414c-a40b-8bf57ded5924:3272235sukumarrajusukumarraju0http://forums.asp.net/thread/3272235.aspxhttp://forums.asp.net/commentrss.aspx?SectionID=26&PostID=3272235<pre class="xhtml" name="code">//You can use LoginView control to achieve this. Instead of redirecting to //permissionsError.aspx you can display the Authorization message on the same //page. &lt;asp:LoginView ID=&quot;LoginView1&quot; runat=&quot;server&quot;&gt; &lt;LoggedInTemplate&gt; You are not a member of the Supervisors or Administrators roles. Therefore you cannot edit or delete any user information. &lt;/LoggedInTemplate&gt; &lt;AnonymousTemplate&gt; You are not logged into the system. Therefore you cannot edit or delete any user information. &lt;/AnonymousTemplate&gt; &lt;/asp:LoginView&gt; </pre> <ul> <li><br />Refer this <a href="http://www.asp.net/learn/security/tutorial-11-cs.aspx" target="_blank">article</a> that explains in detail.&nbsp; Please note <a href="http://www.asp.net/learn/security-videos/" target="_blank">here</a> are number of videos on security including Role based security. </li> <li>Check <a href="http://www.asp.net/learn/videos/video-45.aspx" target="_blank">this</a> video that explains indetail, how to Authorize using Roles.</li></ul> <p>Let me know further Queries.</p>http://forums.asp.net/thread/3272190.aspxThu, 02 Jul 2009 20:01:40 GMT4c671506-2930-414c-a40b-8bf57ded5924:3272190mandrews1234mandrews12340http://forums.asp.net/thread/3272190.aspxhttp://forums.asp.net/commentrss.aspx?SectionID=26&PostID=3272190<p>I have went through and put in web.config files in each folder giving specific roles access or not. Now whenever a user tries to go to a page that they don&#39;t have access to, they get redirected to the login page. How do I change that to a generic &quot;sorry you don&#39;t have permissions to see this page&quot; page? Also, what is wrong with this if statement I want to redirect the user if they are not either a site admin or a super admin</p><p>If Not ((Roles.IsUserInRole(Membership.GetUser.UserName, &quot;SiteAdmin&quot;)) Or ((Roles.IsUserInRole(Membership.GetUser.UserName, &quot;SuperAdmin&quot;)))) Then<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Response.Redirect(&quot;PermissionsError.aspx&quot;)<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; End If &#39; if not roles</p><p>I get an error saying that the specified cast is not valid.<br /></p>