form authentication in web site

Posted by Anant under ASP.NET on 3/31/2014 | Points: 10 | Views : 542 | Status : [Member] | Replies : 0
In my application i am using form authentication,after logging as a normal partner ,browse to/Admin using an HTTP proxy,the server attempts to redirect the user to the login page but the contents of /admin are still returned in HTTP response body.

when performing the authentication checks ,the application should ensure that no data is returned if the user is not admin


(No response found.)

Login to post response