form authentication in asp.net web site

Posted by Anant under ASP.NET on 3/31/2014 | Points: 10 | Views : 1275 | Status : [Member] | Replies : 0
In my asp.net application i am using form authentication,after logging as a normal partner ,browse to/Admin using an HTTP proxy,the server attempts to redirect the user to the login page but the contents of /admin are still returned in HTTP response body.

when performing the authentication checks ,the application should ensure that no data is returned if the user is not admin




Responses

(No response found.)

Login to post response