views:

49

answers:

1

I implemented the ASP.NET security model and I am allowing/denying access to users in the web.config based on what roles they are in e.g.

  <system.web>
   <authorization>
    <allow roles = "Admin" />
   </authorization>
  </system.web>

When I try and visit a page I don't have access to, it prompts me to log in but I'm already logged in and if I try log in again it just shows a log in control because I don't have the correct permission based on my role, however how can I display a more meaningful message to the user, ie. "You don't have sufficient permissions to view this page." Rather than just the log in control?

A: 

This older post described the problem and has your answer.

http://stackoverflow.com/questions/1353824/no-login-error-text-for-role-based-authentication-in-asp-net

David Stratton