We use forms authentication with roles to restrict access to certain pages and areas of the website. When the user is not authorized, either because they are not logged in or do not have the required role, they are redirected to the login page with a return address.
Define what access is required in the web.config file using authorization tags, for example:
<authorization>
<deny users="?"/>
</authorization>
The web application we are working on uses HttpContext.Current.RewritePath for more friendly URLs and dynamic pages. To request "/MyPages/MyDocuments.aspx!" Has been rewritten in "/PageTypes/Library.aspx" or something like that.
However, when the application is redirected because the user does not have permission, ReWritePath is used instead of Raw URL.
What do I need to redefine so that the return URL is the requested URL instead of the actual mental path?
source
share