hi ng,
i have a problem with windows authentificatio n.
i want to forward every user who
1. is not authorized
2. or could not be authenticated
to a login page
-------------------
The scenario is an intranet application that can be used by some defined
active directory users.
web.config is like:
<system.web>
....
<authenticati on mode="Windows" />
<authorizatio n>
<deny users="*" />
</authorization>
</system.web>
<location path="private">
<system.web>
<authorizatio n>
<allow users="x,y,z" />
</authorization>
</system.web>
</location>
<location path="Public">
<system.web>
<authorizatio n>
<allow users="*" />
</authorization>
</system.web>
</location>
global.asax looks like:
protected void Application_End Request(Object sender, EventArgs e)
{ if((User.Identi ty.IsAuthentica ted)&&(Response .StatusCode ==
401))
{
Response.Redire ct("~/Public/Login.aspx");
}
}
----------------------
it is working when one of the x,y,z users enters the application with
the correct password or a domain user who is not x,y or z tries to enter
the application (with the correct password).
but it is not working when a user is not in active directory or a active
directory user enters a wrong password because in this cases, the user
could not be authenticated.
but i cannot redirect every not authenticated user, because before the
windows authentication form has been submitted, every request is not
authenticated, right?
i am getting a bit desparate, since i already have posted my problem,
with no replies.
maybe i am now able to describe the problem more clear.
thank you very much in advance for any help or suggestions
dan 2 3833
This is a little different for the windows authentication. You must set up
the<customError s> element in the web.config file to catch this unauthorized
message: See link below http://msdn.microsoft.com/library/de...orssection.asp
The example showed an internal server error 500. So, you will have to add
your own element to catch for Error 403 (i think) for Forbidden. You can
look that one up
"Dan" wrote: hi ng,
i have a problem with windows authentificatio n.
i want to forward every user who 1. is not authorized 2. or could not be authenticated to a login page
------------------- The scenario is an intranet application that can be used by some defined active directory users.
web.config is like: <system.web> .... <authenticati on mode="Windows" /> <authorizatio n> <deny users="*" /> </authorization> </system.web>
<location path="private"> <system.web> <authorizatio n> <allow users="x,y,z" /> </authorization> </system.web> </location>
<location path="Public"> <system.web> <authorizatio n> <allow users="*" /> </authorization> </system.web> </location>
global.asax looks like: protected void Application_End Request(Object sender, EventArgs e) { if((User.Identi ty.IsAuthentica ted)&&(Response .StatusCode == 401)) { Response.Redire ct("~/Public/Login.aspx"); } }
---------------------- it is working when one of the x,y,z users enters the application with the correct password or a domain user who is not x,y or z tries to enter the application (with the correct password). but it is not working when a user is not in active directory or a active directory user enters a wrong password because in this cases, the user could not be authenticated. but i cannot redirect every not authenticated user, because before the windows authentication form has been submitted, every request is not authenticated, right?
i am getting a bit desparate, since i already have posted my problem, with no replies. maybe i am now able to describe the problem more clear.
thank you very much in advance for any help or suggestions
dan
thanks for your help, but i have already tested <customErrors > in
web.config.
doesn't work.
maybe because the http response code is not like an error code?
dan
Tampa .NET Koder wrote: This is a little different for the windows authentication. You must set up the<customError s> element in the web.config file to catch this unauthorized message: See link below
http://msdn.microsoft.com/library/de...orssection.asp
The example showed an internal server error 500. So, you will have to add your own element to catch for Error 403 (i think) for Forbidden. You can look that one up
"Dan" wrote:
hi ng,
i have a problem with windows authentificatio n.
i want to forward every user who 1. is not authorized 2. or could not be authenticated to a login page
------------------- The scenario is an intranet application that can be used by some defined active directory users.
web.config is like: <system.web > .... <authenticati on mode="Windows" /> <authorizatio n> <deny users="*" /> </authorization> </system.web>
<location path="private"> <system.web> <authorizatio n> <allow users="x,y,z" /> </authorization> </system.web> </location>
<location path="Public"> <system.web> <authorizatio n> <allow users="*" /> </authorization> </system.web> </location>
global.asax looks like: protected void Application_End Request(Object sender, EventArgs e) { if((User.Identi ty.IsAuthentica ted)&&(Response .StatusCode == 401)) { Response.Redi rect("~/Public/Login.aspx"); } }
---------------------- it is working when one of the x,y,z users enters the application with the correct password or a domain user who is not x,y or z tries to enter the application (with the correct password). but it is not working when a user is not in active directory or a active directory user enters a wrong password because in this cases, the user could not be authenticated. but i cannot redirect every not authenticated user, because before the windows authentication form has been submitted, every request is not authenticated , right?
i am getting a bit desparate, since i already have posted my problem, with no replies. maybe i am now able to describe the problem more clear.
thank you very much in advance for any help or suggestions
dan
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Phil Powell |
last post by:
/*--------------------------------------------------------------------------------------------
This function will utilize the ability to use HTTP-based WWW
Authentication, checking for the global authorized password against
the password entered in the client project's CSV file. Will not
function
unless this password exists.
See http://www.php.net/manual/en/features.http-auth.php for more
info...
|
by: Wade Wegner |
last post by:
Hello,
I have been desperately trying to programmatically authenticate a windows
user, create their credentials, and then redirect them to a different server
while passing the credentials at the same time so that they don't have to
login again.
Specifically, I have two webservers in the same domain. When I have a user
go to Webserver A (which uses basic authentication) I programmatically
create either a user credential or impersonate...
|
by: Stuart Shay |
last post by:
Hello All:
I am using Windows Authentication in my VB/ASP.NET Intranet Web Application.
How do I create a method that will release the authentication Token, so the
user will no longer have access to any of the resources on the site?
|
by: Manny Chohan |
last post by:
I am using forms authetication in the web config. i can validate a user
against a database and click on images which makes hidden panels
visible.However when i click on the link inside a panel which should take
user to another pages, it defaults them back to the login page prompting them
to enter username and password.
Could someone please shed some light on this on how i can fix this issue?
Thanks
Manny
|
by: Hriday |
last post by:
Hi there, Please help me..It is urgent
This is Hriday, working on windows authentication with
Active Directory...
My requirment is when a user sends a request to my web
Applicatoin I want to Pop up windows Authentication box so
that user will give his userId, Password & domain name for
authenticaion. After that I want to take these three info
of user and make a search in Active Directory.
| |
by: Doug Bailey |
last post by:
I am trying to control a Windows Service via a Web Service interface.
(I am developing in .NET2003) I am using the ServiceController object
which allows me to read the state of the services with no problems.
However, I am not able to start or stop the service unless I go
through the process of impersonating an administrative user. (See
MSDN KB 306158)
Since it appears to be a privilege issue, I set the folders in IIS
holding the Web...
|
by: Jared |
last post by:
Hi
I am developing an intranet based ASP.NET application. Due to high
security on site the application needs to run accross two separate
domains (only http and https ports are open). The application
autenticates users via a form and security info is held in a database
table.
When users are on either domain they have the same windows username,
but the application server is only running on one domain.
|
by: Andy |
last post by:
Hi, I was wondering if someone could advise on if the following is
possible. I have one website that is available to the public using
Forms authentication and the Membership class, it creates/stores user
information in a SQL Server 2005 db. I have another website that will
administer the first website, allowing admins to look at all of the
users in the db and see specific info from the database.The admin site
is more secure than the...
|
by: Matt Lowrance |
last post by:
I'm hoping someone can give me a little guidance. I have written a
simple Windows Service that goes out and scrapes a few web pages and
updates some data in an access database. The service works correctly
in the IDE and trying to be a good citizen I set it to run as "Local
Service" when I install it.
However once installed it fails silently. My log eventlog message
saying the the DB was updated successfully is written, however the...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| |
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |