Redirecting admin to admin page and user to user's page

Question

i'm having some problem over here. When user enter their id,it will show up the main page and its for user but when admin enter their id,it will enter the user's main page and i have to click admin site on the top hyperlink and it automatically logout and once i enter back admin passwrd and then only it redirect to admin page.how to make it like once user enter their passwrd it redirect to user page and once admin enter admin password in the login it redirect to admin ?I have 3 roles over here which are admin,staff and user.Hereby i'll provide you my aspx code and also my vb code which is running behind the program.please do assist me.thanks

ASPX

   <asp:Login ID="Login1" runat="server" BackColor="#009933" BorderColor="Red" 
        BorderPadding="4" BorderStyle="Ridge" BorderWidth="1px" Font-Names="Verdana" 
        Font-Size="0.8em" ForeColor="Red" 
        DestinationPageUrl="~/MainPage.aspx" style="text-align: center" Height="171px" 
                    Width="266px"  VisibleWhenLoggedIn="True" TextLayout="TextOnTop">
        <TextBoxStyle Font-Size="0.8em" />
        <LoginButtonStyle BackColor="#FFFBFF" BorderColor="#CCCCCC" BorderStyle="Solid" 
            BorderWidth="1px" Font-Names="Verdana" Font-Size="0.8em" ForeColor="#284775" />
        <InstructionTextStyle Font-Italic="True" ForeColor="Black" />
        <TitleTextStyle BackColor="#5D7B9D" Font-Bold="True" Font-Size="0.9em" 
            ForeColor="White" />

    </asp:Login>

VB

Partial Class Login

  Inherits System.Web.UI.Page

End Class

web.config for staff folder

<?xml version="1.0" encoding="utf-8"?> 
<configuration> 
    <system.web> 
        <authorization> 
            <allow roles="staff" /> <deny users="" /> 
        </authorization> 
    </system.web> 
</configuration> 

web.config for admin folder

<?xml version="1.0" encoding="utf-8"?> 
<configuration> 
    <system.web> 
        <authorization> 
            <allow roles="adminstrator" /> <deny users="" /> 
        </authorization> 
    </system.web> 
</configuration>

web.config - root

<configuration> 
    <appSettings/> 
    <connectionStrings> 
        <add name="ConnectionString" connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\ASPNETDB.MDF;Integrated Security=True;User Instance=True" providerName="System.Data.SqlClient"/> 
        <add name="ASPNETDBConnectionString" connectionString="Data Source=.\SQLEXPRESS;AttachDbFilename=C:\Users\Se7en\Desktop\Personal\VIVA\1\App_‌​Data\ASPNETDB.MDF;Integrated Security=True;Connect Timeout=30;User Instance=True" providerName="System.Data.SqlClient"/> 
    </connectionStrings> 

Answer 1

Can you do this in your login button click event:

switch (role)
    {
     case 0:
      Response.Redirect("MainPage.aspx");
      break;
     case 1:
      Response.Redirect("StaffPage.aspx");
      break;
     case 2:
      Response.Redirect("UserPage.aspx");
      break;
}

you need to set role value in your validate user code.

Answer 2

Just saw your re-edited question... What is your navigation like? What controls do you use? what kind of MembershipProvider (if any) do you use?

You may still try to use a treeView or a menu control (bound to a sitemap file). Using these controls allows you to make use of securityTrimming (see msdn for details).

eg (from msdn):

<system.web>
<!-- …other configuration settings -->
  <siteMap defaultProvider="XmlSiteMapProvider" enabled="true">
    <providers>
      <add name="XmlSiteMapProvider"
        description="Default SiteMap provider."
        type="System.Web.XmlSiteMapProvider "
        siteMapFile="Web.sitemap"
        securityTrimmingEnabled="true" />
    </providers>
  </siteMap>
</system.web>

This attribute will change the visibility of links appearing in your navigation controls. For example users with a role admin - will only see those links they are allowed to navigate to.

Could you please show us your navigation controls? thx in advance

• Controls (Login, LoginStatus, ...)
• Understanding Role Management (how to ... membershipProvider, roles, aso)