Learned a new trick:
- User is authenticated, but not authorised to perform a certain function
- Can protect the page that performs that function in web.config (snippet 1)
- However, by default, when unauthorised user attempts to get to that page, they are shown the "Yellow Screen of Death"
- Can alter this default behaviour in Login.aspx.vb, put this in Page_Load. (snippet 2)
If User.Identity.IsAuthenticated Then
'You were redirected here becasue you're not authorised
Session("sMessage") = "You are not authorised to perform that operation."