If you use Windows Authentication, and the user is not allowed to access the specific page, a nasty 401.2 Access Denied error message will be displayed to the user. What if you want to display a friendly error message?
You would think that an entry in the <customErrors> section would work? No, it does not.
To get to the solution: You have to define Application_EndRequest in Global.asax.cs that looks something like
protected void Application_EndRequest(object sender, EventArgs e)
{
HttpContext context = HttpContext.Current;
if (context.Response.Status.Substring(0,3).Equals("401"))
{
context.Response.ClearContent();
context.Response.Write("<script language="javascript">" +
"self.location='NotAllowed.aspx';</script>");
}
}
Then you create the NotAllowed.aspx page to display a nice friendly message to the user.
You can find more information here.
0 Responses to "ASP .Net Windows Authentication":
Post a Comment