Develop Reference

MVC Authentication default page for a specific folder

Is it possible to have two default landing page for authentication in ASP.Net MVC? One for a specific folder i.e. Pages for Admin and the other is for everything else?
This is the scenario. I have an application with an Admin portal where only administrators can access and the Main portal for any active users. I am using the default forms authentication for MVC with the root web.config configured as below:
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="240" defaultUrl="~/" slidingExpiration="true"/>
</authentication>
So every user will be redirected to Account/Login when not they are not authenticated. Now, I want to have a separate landing page (Admin/Login) for admin pages when admin user is not yet authenticated. All Admin pages are in a folder named Admin. So is there a way for me to configure the authentication in the web.config of that folder to default to Admin/Login instead of Account/Login?
Edit:
The rules are simple. When a user tries to access any admin page i.e. Directly changing the URL, and they are not logged in, then I was hoping they would be redirected to Admin/Login, instead of Account/Login. We don't need to check for role since we are already restricting the controller to Admin Roles only.
Is it better to do this in an actionfilter instead?

Unless there is a way for you to differentiate admin from regular user on page loading then no.. If it is the same IP address being logged from you could do it like that ... or if its linked over from another account such as google login ... where you could check the user name and redirect based on if its saved as an admin... You would have to have a way to distinguish before you re-routed

Windows Authentication (ASP.NET)

How i can implement Windows Authentication to authenticate user while logging in? I do not want to get a pop up window rather i would like to let my login page(LoginPage.aspx) do the same. Please provide me with the steps/ code(vb.net). Thanks

It requires a good amount of code to access active directory and authenticate.Please refer the article on codeproject.com or msdn articles.

Maybe you could use this tag in your web.config
<authentication mode="Forms">
<forms loginUrl="login.aspx" defaultUrl="Login.aspx" timeout="60"></forms>
</authentication>
And in your login.aspx you would write code to access Active Directory.

You are missing the point about what windows authentication is. Forms authentication can be used when not part of a domain or there is some specific requirement that windows authentication cannot solve. If a computer is registered in an active directory domain, authentication with the web site will be transparent based on the credentials that were used to login to the domain, eliminating the need to supply credentials each time the application is accessed.

problem with asp.net redirection after login to admin page

I built a simple site which has an open section and admin page, which you can get to, only after loging in.
I implemented the default asp .net login control.
The problem is, after successful login (the login page is called admin.aspx) I want to redirect to another page called groups.aspx (redirecting it by code - Response.Redirect("AdminTools\\Groups.aspx") ), but instead I get an error "The resource cannot be found.", which says that cannot find "login.aspx". The problem is I don't have a page called login.aspx in my site, and I can't manage to find the place where I can configure it.

Always use ~ root operator.
Response.Redirect("~/AdminTools/Groups.aspx")
You can configure your own login url by setting the LoginUrl in web.config.
<authentication mode="Forms">
<forms loginUrl="~/mylogin.aspx">
</forms>
</authentication>

Redirecting to another page automatically?

In my web application i want to redirect to login page, which is in the same folder[admin folder], when i type like
"xxx.com/admin" it is redirect to login.aspx page which is in admin folder.
for this i place one index.html page and write meta tag code, even though it is not redirect to loginpage. it is going to index.aspx page. shall i have to remove this index.aspx page, i have default page also there in admin folder. can u help me.

If you are using IIS 7.5 take a look at the UrlRewrite 2 Module http://www.iis.net/download/urlrewrite
If you are using IIS 6 you can use the asp.net 2 url rewriting technique, but the xxx.com/admin/default.aspx needs to be physically existing to allow redirects to happen

Add this to your Web.config:
<authentication mode="Forms" >
<forms loginUrl="login.aspx" name=".ASPXFORMSAUTH" />
</authentication>
This will redirect users to your loginUrl if they try to access a protected page when they are not authenticated.
You should probably read up on Forms Authentication in asp.net to get all of the dirty details.
Here is an explanation of how you can add additional default documents to IIS. Default documents are used to try and determine which page a user should be directed to when they don't specify a specific page (your xxx.com/admin example)

ASP.NET Roles and Permissions

I'm using the ASP.NET/C# Login control and that entire authentication and authorization system.
I set up the roles and have users go to certain pages when they log into the system dependent on their role. Right now I'm trying to restrict access to certain pages, which is working correctly. However, when it restricts the access to a user who shouldn't be allowed in that web page it redirects to login.aspx. I don't have a login page, I just have a login user control that sits on a master page.
How can I get it to redirect to a different page on permission failure rather than go to login.aspx

<authentication mode="Forms">
<forms loginUrl="login.aspx"name=".ASPXFORMSAUTH" />
</authentication>
set the login page in web.config