hi ng,
i have a problem with windows authentification.
i want to forward every user who
1. is not authorized
2. or could not be authenticated
to a login page
-------------------
The scenario is an intranet application that can be used by some defined
active directory users.
web.config is like:
<system.web>
....
<authentication mode="Windows" />
<authorization>
<deny users="*" />
</authorization>
</system.web>
<location path="private">
<system.web>
<authorization>
<allow users="x,y,z" />
</authorization>
</system.web>
</location>
<location path="Public">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
global.asax looks like:
protected void Application_EndRequest(Object sender, EventArgs e)
{ if((User.Identity.IsAuthenticated)&&(Response.Stat usCode ==
401))
{
Response.Redirect("~/Public/Login.aspx");
}
}
----------------------
it is working when one of the x,y,z users enters the application with
the correct password or a domain user who is not x,y or z tries to enter
the application (with the correct password).
but it is not working when a user is not in active directory or a active
directory user enters a wrong password because in this cases, the user
could not be authenticated.
but i cannot redirect every not authenticated user, because before the
windows authentication form has been submitted, every request is not
authenticated, right?
i am getting a bit desparate, since i already have posted my problem,
with no replies.
maybe i am now able to describe the problem more clear.
thank you very much in advance for any help or suggestions
dan 2 3819
This is a little different for the windows authentication. You must set up
the<customErrors> element in the web.config file to catch this unauthorized
message: See link below http://msdn.microsoft.com/library/de...orssection.asp
The example showed an internal server error 500. So, you will have to add
your own element to catch for Error 403 (i think) for Forbidden. You can
look that one up
"Dan" wrote: hi ng,
i have a problem with windows authentification.
i want to forward every user who 1. is not authorized 2. or could not be authenticated to a login page
------------------- The scenario is an intranet application that can be used by some defined active directory users.
web.config is like: <system.web> .... <authentication mode="Windows" /> <authorization> <deny users="*" /> </authorization> </system.web>
<location path="private"> <system.web> <authorization> <allow users="x,y,z" /> </authorization> </system.web> </location>
<location path="Public"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location>
global.asax looks like: protected void Application_EndRequest(Object sender, EventArgs e) { if((User.Identity.IsAuthenticated)&&(Response.Stat usCode == 401)) { Response.Redirect("~/Public/Login.aspx"); } }
---------------------- it is working when one of the x,y,z users enters the application with the correct password or a domain user who is not x,y or z tries to enter the application (with the correct password). but it is not working when a user is not in active directory or a active directory user enters a wrong password because in this cases, the user could not be authenticated. but i cannot redirect every not authenticated user, because before the windows authentication form has been submitted, every request is not authenticated, right?
i am getting a bit desparate, since i already have posted my problem, with no replies. maybe i am now able to describe the problem more clear.
thank you very much in advance for any help or suggestions
dan
thanks for your help, but i have already tested <customErrors> in
web.config.
doesn't work.
maybe because the http response code is not like an error code?
dan
Tampa .NET Koder wrote: This is a little different for the windows authentication. You must set up the<customErrors> element in the web.config file to catch this unauthorized message: See link below
http://msdn.microsoft.com/library/de...orssection.asp
The example showed an internal server error 500. So, you will have to add your own element to catch for Error 403 (i think) for Forbidden. You can look that one up
"Dan" wrote:
hi ng,
i have a problem with windows authentification.
i want to forward every user who 1. is not authorized 2. or could not be authenticated to a login page
------------------- The scenario is an intranet application that can be used by some defined active directory users.
web.config is like: <system.web> .... <authentication mode="Windows" /> <authorization> <deny users="*" /> </authorization> </system.web>
<location path="private"> <system.web> <authorization> <allow users="x,y,z" /> </authorization> </system.web> </location>
<location path="Public"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location>
global.asax looks like: protected void Application_EndRequest(Object sender, EventArgs e) { if((User.Identity.IsAuthenticated)&&(Response.Stat usCode == 401)) { Response.Redirect("~/Public/Login.aspx"); } }
---------------------- it is working when one of the x,y,z users enters the application with the correct password or a domain user who is not x,y or z tries to enter the application (with the correct password). but it is not working when a user is not in active directory or a active directory user enters a wrong password because in this cases, the user could not be authenticated. but i cannot redirect every not authenticated user, because before the windows authentication form has been submitted, every request is not authenticated, right?
i am getting a bit desparate, since i already have posted my problem, with no replies. maybe i am now able to describe the problem more clear.
thank you very much in advance for any help or suggestions
dan
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Phil Powell |
last post by:
/*--------------------------------------------------------------------------------------------
This function will utilize the ability to use HTTP-based WWW
Authentication, checking for the global...
|
by: Wade Wegner |
last post by:
Hello,
I have been desperately trying to programmatically authenticate a windows
user, create their credentials, and then redirect them to a different server
while passing the credentials at the...
|
by: Stuart Shay |
last post by:
Hello All:
I am using Windows Authentication in my VB/ASP.NET Intranet Web Application.
How do I create a method that will release the authentication Token, so the
user will no longer...
|
by: Manny Chohan |
last post by:
I am using forms authetication in the web config. i can validate a user
against a database and click on images which makes hidden panels
visible.However when i click on the link inside a panel...
|
by: Hriday |
last post by:
Hi there, Please help me..It is urgent
This is Hriday, working on windows authentication with
Active Directory...
My requirment is when a user sends a request to my web
Applicatoin I want to...
|
by: Doug Bailey |
last post by:
I am trying to control a Windows Service via a Web Service interface.
(I am developing in .NET2003) I am using the ServiceController object
which allows me to read the state of the services with...
|
by: Jared |
last post by:
Hi
I am developing an intranet based ASP.NET application. Due to high
security on site the application needs to run accross two separate
domains (only http and https ports are open). The...
|
by: Andy |
last post by:
Hi, I was wondering if someone could advise on if the following is
possible. I have one website that is available to the public using
Forms authentication and the Membership class, it...
|
by: Matt Lowrance |
last post by:
I'm hoping someone can give me a little guidance. I have written a
simple Windows Service that goes out and scrapes a few web pages and
updates some data in an access database. The service works...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
| |