473,396 Members | 1,982 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > redirect unauthorized access

Join Bytes to post your question to a community of 473,396 software developers and data experts.

Redirect Unauthorized Access

I've got an ASP.NET application that's using Windows authentication
with Integrated Windows authentication turned on to manage access.

Access to the web app should be restricted to only a couple AD Groups,
and I'm trying to get anybody else that tries to access the
application to be redirected to a friendly error page. However, I've
only been able to get a generic ASP.NET error page (401.2) to be
displayed.

I've tried getting it set up in web.config, but no matter what I do,
it doesn't seem to work.

The only option I've seen so far is to remove the authorization
information from web.config, and instead use Global.asax with the
following handler:
void Application_AuthenticateRequest(Object sender, EventArgs e) {
String AuthURL = "/AccessDenied.aspx";
if (!User.IsInRole("Domain\UserGroup")
&& Request.FilePath != AuthURL)
{
Server.Transfer(AuthURL);
}
}

Is there something that I'm missing?
Evan

May 23 '07 #1
1 3454
browser access is pretty simple. the browser asks for a url, if access
is denied, the web server returns 401 with a list of authentication
methods. the browser is free to try again as many times as it wants with
different credentials.

your approach is the correct one.

-- bruce (sqlwork.com)
Evan M. wrote:
I've got an ASP.NET application that's using Windows authentication
with Integrated Windows authentication turned on to manage access.

Access to the web app should be restricted to only a couple AD Groups,
and I'm trying to get anybody else that tries to access the
application to be redirected to a friendly error page. However, I've
only been able to get a generic ASP.NET error page (401.2) to be
displayed.

I've tried getting it set up in web.config, but no matter what I do,
it doesn't seem to work.

The only option I've seen so far is to remove the authorization
information from web.config, and instead use Global.asax with the
following handler:
void Application_AuthenticateRequest(Object sender, EventArgs e) {
String AuthURL = "/AccessDenied.aspx";
if (!User.IsInRole("Domain\UserGroup")
&& Request.FilePath != AuthURL)
{
Server.Transfer(AuthURL);
}
}

Is there something that I'm missing?
Evan
May 23 '07 #2
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
Redirect
by: Damo | last post by:
Could someone please help me. I am a newbie at PHP. I downloaded formail.php Version 5.0 from Jacks scripts( http://www.dtheatre.com/scripts/ )and changed the required areas to my email address and...
PHP
5
HTTP to HTTPS redirect
by: Bob Hansen | last post by:
I am using the following code in my default.asp page to redirect the page from HTTP to HTTPS <% if Request.ServerVariables("HTTPS") = "off" Then Response.Redirect("https://" &...
ASP / Active Server Pages
1
HTTP 401.2 - Unauthorized: Logon failed due to...
by: Newbie | last post by:
I have set up an ASP script (with some help from microsoft.public.inetserver.asp.general!) that grabs the windows username of the user and puts it into an Access database. It is setup on IIS5 as a...
ASP / Active Server Pages
8
HTTP Redirect with POST
by: Victor | last post by:
I need to redirect to another web page, but that redirect will include the submission of form data. So, unlike ServerXMLHTTP which stays on the originating web page, I need the script to redirect...
ASP / Active Server Pages
2
Forms authentication: how to redirect unauthorized users?
by: BJ Lap | last post by:
Hi, I implemented forms authentication in my web site. This works fine but for one thing: If an authenticated user tries to navigate to a page for which this user has no access, (this is...
ASP.NET
11
Determine if user is in AD group
by: CJM | last post by:
I need to be able to determine if the user is a member of a given AD group. I have a method of doing this, but it is not suitable for 64bit OS's, so I need to find an alternative route. I actually...
ASP / Active Server Pages
0
rocedural safeguards to protect against unauthorized access
by: Bank of America | last post by:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta...
MySQL Database
1
HTTP Error 401.1 - Unauthorized: Access is denied due to invalid credentials.
by: HMS1 | last post by:
Hi, When I try to access an SQL Server 2005 database using ASP pages, it works fine on one PC when the ASP pages are on the local machine and the database on the server. However, when the ASP...
IIS / Internet Information Server
5
How to catch error 401 access denied and redirect to custom error page ?
by: rote | last post by:
I'm using ASP.NET 2.0 and i have copied and pasted the code below to my Global.asax file but it desn't trap the error I want to trap the 401 access denied void Application_Error(object sender,...
ASP.NET
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!