Thanks for your replay...
This code i added it to Global.asax page
protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
if (Request.IsAuthenticated)
{
HttpContext.Current.User = new System.Security.Principal.GenericPrincipal(
User.Identity, Globle.GetUserRoles(User.Identity.Name));
}
}
and this code is under the login button:
protected void btnSignin_Click(object sender, EventArgs e)
{
if (Globle.AuthenticateUser(txtEmail.Text, txtPassword.Text))
FormsAuthentication.RedirectFromLoginPage(txtEmail.Text, false);
}
this code is in web.config file inside members folder:
<authorization>
<allow roles="Admin,Members"/>
<deny users="?"/>
</authorization>
this code is in web.config file inside admin folder:
<authorization>
<allow roles="Admin"/>
<deny users="?, *"/>
</authorization>
i am waiting for u and every body....