problem redirecting user based on user role

Hi all,

I have small problem redirecting  user based on user role how can i determine if  a user belong to a specific group of users then  redirect  to specific page to allow access to user on user role i'm using membership and bulit in aspnet data base generated by  ASP.NET configuartion tool

heres a  fragment of what i'm trying to fulfill

thanks in advance of your help

protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)

{

if (Membership.ValidateUser(Login1.UserName, Login1.Password))

{

FormsAuthentication.SetAuthCookie(Login1.UserName, Login1.RememberMeSet);

 

 

if(User.IsInRole("admin") )

Response.Redirect("~/Admin/Default.aspx");

else if(User.IsInRole("user1"))

Response.Redirect("~/user1/Default.aspx");

else if(User.IsInRole("user2"))

Response.Redirect("~/user2/Default.aspx");

else

Response.Redirect("~/Default.aspx");

 

 

}

}

 

0
Hassan80eg
9/18/2007 3:12:33 PM
asp.net.security 27051 articles. 1 followers. Follow

5 Replies
859 Views

Similar Articles

[PageSpeed] 24

 Hi,

You are trying to reference roles using User object available either in Request or Page.

This is not the correct way to do it, User object is populated on Application_OnAuthenticate event. And you can not access this user info untill you have sent the authentication cookie to client browser. Because User object fetch all its information from request cookies, not from response cookies. And FormsAuthentication.SetAuthCookie adds a new cookie in response.
 


Zafar Iqbal
VP Technology
Hansvits


** Please mark as ANSWER if my reply helped you
0
ziqbalbh
9/18/2007 4:07:19 PM

As Zafar says, you can't access the User object yet. The logical place to put your code would seem to be the logged_in() event which fires last - but you'll find that you can't access the user object there yet, until the there has been a postback.

You'll see a few solutions out there to this. One simple solution used by one of our clients is to set the destinationURL of the login control to another page, and put your code in the page_load() of this second page, which only exists to redirect your users. Otherwise, you need to force the login page to postback to get at the user object.


Articles & Training for SQL Server and ASP.Net 2.0

Check out our tutorials for going live on GoDaddy
0
SalmonTraining
9/18/2007 9:49:10 PM

 Hi SalmonTraining and Zafar,

if you please a fragment of code  to fulfill this simple solution you said

yoou'll see a few solutions out there to this. One simple solution used by one of our clients is to set the destinationURL of the login control to another page, and put your code in the page_load() of this second page, which only exists to redirect your users. Otherwise, you need to force the login page to postback to get at the user object.

Thanks for your reply  

 

0
Hassan80eg
9/19/2007 2:18:16 PM

Hassan80eg:

if you please a fragment of code  to fulfill this simple solution you said

Hi Hassan80eg

I'm not sure if you have solved this problem, Here is the code mentioned by the previous posts, Hope it helps

---------login.aspx.cs--------------

protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{

if (Membership.ValidateUser(Login1.UserName, Login1.Password))
{
 
        FormsAuthentication.SetAuthCookie(Login1.UserName, Login1.RememberMeSet);
        Response.Redirect("~/login2.aspx");

}

}


---------login2.aspx.cs--------------
protected void Page_Load(object sender, EventArgs e)
{
    if(User.IsInRole("admin") )
    Response.Redirect("~/Admin/Default.aspx");

    else if(User.IsInRole("user1"))
    Response.Redirect("~/user1/Default.aspx");

    else if(User.IsInRole("user2"))
    Response.Redirect("~/user2/Default.aspx");

    else

    Response.Redirect("~/Default.aspx");
}


Best Regards
XiaoYong Dai
Microsoft Online Community Support

Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
0
XiaoYong
9/20/2007 8:03:53 AM

Thanks a milion adding dummy page  works very fine

0
Hassan80eg
9/20/2007 8:52:28 PM
Reply:

Similar Artilces:

User based Security instead of Role based (The most common unanswered problem)
Problem: To check whether the user has permission to view some personal data, i need query by the UserId.Page.User only has UserName property.Solution used in TimeTracker starterkit: Create stored procs that take UserName as parameter and always use a select statement to lookup the userid. Other Solutions: Create a custom iprincipal object and store the userid in it during login.I read posts that suggest this is an ASP.NET 1.1 method but no one suggested what is the correct design for ASP.NET 2.0. Does this require event handling on the login control? So whats the best practice f...

Creating User Account Without Default Security Role (Registered User Role)
  My DNN version is 3.1.1. The portal is set to Private Registration. Unauthenicated users have access to the basic pages of the site. We require my company's current customers to register and be approved to have access to all other pages that contain information restricted to them (the major part of the site). As you know, authorizing a user account applys the Registered User security role by default and this is how I control access to the customer areas.  We want to create a page that will be used by Marketing to allow potential customers by login to...

Problem : Get a list of user belonged to a role or to know if a user already has a role
What code can I write to know if a user belonged to a Role already ? and How can I get a list of a  user already in an existing role ? Please have a look at my code below : Protected Sub AddUsers_OnClick(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnAddUsersToRole.Click' I wanna add some code here to check if a user already belonged to a Role' Please insert your code here. Thanks a lot. ' A role must be selected If RolesListBox.SelectedItem Is Nothing Then Msg.Text = "Please select a role." Exit Sub End If ...

How do I redirect the user base on role
First of all, I am new to this.......... I need to redirect the user to a different .aspx page on my site based upon the role they are in. For example, a role is K2, the users should be redirected to the index.aspx file in the k2 folderanother role is 35, and the users in this role should be reirected to the index.aspx file inthe 35 folder Thanks in advance If you're using the Login control, it has a LoggedIn event that you can subscribe to. In there, just check the user's role, using the following code: string[] userRoles = Roles.GetRolesForUser()Check what roles ar...

Redirecting users based on roles
I am not sure if I am asking something very basic, but I have done some googling but that does not help, any help would help me a lot I have configured roles for various parts of my application.  Currently there are about 4 roles and each role can access one part of my application and not the other.  Is there any way in which I can tell Authenticated Users (those who have already entered their usernames and passwords) that they dont have access to this part of the site without writing code, I mean something similar to redirecting unauthenticated users to the login page using the we...

how to redirect a user based on roles?
Hello all,I have created users with different roles.Now, I know how to allow or deny based on roles.But I want to know how could I redirect a particular user to that page.For example..I want to give access to the admin user to the admin.aspx.But whenever I login eventho i gave access to that particular page(folder) in the roles.it takes me to the default page for all the users I have created in the login template.Please help.Thanks  Hello there, Maybe you can try this...  Public Sub LoginValidate(ByVal strUserName As String, ByVal strPassword As String, ByVal objTextBox As Text...

redirecting based on user role
I would like to redirect users based on their roles. More specifcally, I have one role that I only want to have access to one page.   So when this user logs in, they are taken directly to this page (page2.aspx) not the page that all other users go to (page1.aspx)   Any help is much appreciated.   Thanks You can do something basically like the following:  if (User.IsInRole("Admin")) Response.Redirect("~/Admin/Admin.aspx");else Response.Redirect("~/Default.aspx");Take a look at the following links:http://aspnet.4guysfromrolla....

RSA Secure ID enabled website along with role based access to the RSA Secure ID Users
Hello All, I am trying to implement RSA Security to my intranet website. I want to access the 'RSA Secure ID User Name'  and 'Password(Passcode here if possible)' in my application to set the roles of the user in the website. I want the RSA Secure ID user as my website user if it is registered into my database only. It means 'RSA access' and 'allocating the page access rights' to the user is totally depends upon the 'secure Id user' . I have to retrieve this information from RSA server and use it into my applic...

redirect user at login based on role
I am trying to redirect users to different pages when they login based on what role they are in. I tried this (see below) it executes on my login control- onauthenicate. That code in in my aspx page. Nothing happens when I try this. It just logs in and goes to the main loginurl page. Any ideas? Sub RedirectUser(ByVal sender As Object, ByVal e As EventArgs) If Roles.IsUserInRole("Administrators") Then Response.Redirect("admin/users.aspx") End If End Sub Check the admin folder for permission for the Administrators role. If there is a deny directive for another role that the administra...

Problem with FreeTextBox on a Module with similar functionality to Editing Users and User Roles
  Hi,   I'm trying to design a module and I'm getting an error message when I open the page.  The error message is:-   Error: A Runtime error has occured. Do you wish to debug? Line: 39 Error: Expected ';'   The issue I have is:-   I have a normal module page that is displaying a list of clients.   I can then edit the clients details by moving to the edit page.   On the edit page, I can further edit some details of the client.  At the bottom of the page, I have an edit button, and it runs this code:-   Response.Redirect(Navig...

Redirecting a users based on role..... NEED HELP
I posted this once before and got a sketch of an answers, spent a week trying to figure out what the answer meant, and still can't get this task completed.  SO PLEASE anyone who can offer assistance I would appreciate it.   I AM VERY NEW TO THIS.......... So the more details you can provide the better. "First of all, I am new to this.......... I need to redirect the user to a different .aspx page on my site based upon the role they are in.  I am using the a login control, and can redirect all logged in users to one page but have no clue how to redi...

Redirect user upon login based on role
I tried to redirect a user based on his/her role using the method Login1_OnLoggedIn(), but it does not work. I think that the user role is still not assigned at this point. Within Login1_OnLoggedIn(), I can redirect the user without checking their role but as soon as I try to check the role, no redirection happens:         if (Context.User.IsInRole("Administrator")){     Response.Redirect("SpecialAdminPage.aspx");}I checked the username and it does belong to the 'Administrator' role. Where should I be checking...

Manage Users For This Role / Manage Roles For This User Question
In the roles/user management pages there is a link called Manage Users For This Role and Manage Roles For This User respectively. I want non Admins to be able to see these pages, and currently I have it so that they can see the manage users and manage roles pages. However, when a non admin clicks on Manage Users For This Role or Manage Roles For This User link it does not display the control, just an empty page. I can get around this by giving edit rights to the page, but I do not want them to have edit rights for the page. Any ideas? Thanks  ...

Manage users and roles for users
Hi. I want to know how can i manage my users and users roles on my hosted website. I want that admin controls (when i log in as admin) allow me to change users roles and other stuff. Any1 have any guide or know any website that teach how to create a "admin.aspx" page to manage users and roles? thx Do you have the schema ready ? If yes, are you willing to change the schema ? Are you using ASP.NET 2.0 ? If yes, you can easily do this using the administration tool in ASP.NET 2.0.                 &n...

Web resources about - problem redirecting user based on user role - asp.net.security

Advertise - Redirecting - YouTube
Search Call us: 1-855-500-2756 Get started Overview Why it Works Success Stories Get Started Make Video Ads Resources This page has moved. Redirecting ...

Aboriginal funds need redirecting - report
Aboriginal funds need redirecting - report

Freedom of speech: Redirecting our society to a dangerous course
Freedom of speech: Redirecting our society to a dangerous course

Leaked Federal Government mental health report recommends redirecting $1 billion from acute hospital ...
A report commissioned by the Federal Government recommends redirecting money from acute hospital care to community-based mental health services. ...

Sona talked of redirecting voters to wrong polls, court hears in robocalls trial
Michael Sona was overheard talking about American-style campaign politics to redirect voters to the wrong polling stations in the 2011 federal ...

Unscrupulous website adverts again redirecting some users to App Store from Safari
... granting any kind of permission… In iOS 8 beta 2, Apple supposedly had remedied the issue: “Safari now blocks ads from automatically redirecting ...

Play Store May Be Redirecting Some Search Terms To The Predefined Categories
The user experience on Android is never standing still, which is no more evident than in the Play Store itself. It seems Google may be trying ...

Redirecting...
Please wait — redirecting to new Business page...

Redirecting...
Click here if you are not redirected

Redirecting Financial Flow To Asia Pacific Crucial For Region’s Sustainable Growth
... (UNEP) notes, the Asia Pacific region is home to over half of the world’s population, but much less than half its natural resources. Redirecting ...

Resources last updated: 1/14/2016 2:35:02 PM