E
Evan M.
I've got an ASP.NET application that's using Windows authentication
with Integrated Windows authentication turned on to manage access.
Access to the web app should be restricted to only a couple AD Groups,
and I'm trying to get anybody else that tries to access the
application to be redirected to a friendly error page. However, I've
only been able to get a generic ASP.NET error page (401.2) to be
displayed.
I've tried getting it set up in web.config, but no matter what I do,
it doesn't seem to work.
The only option I've seen so far is to remove the authorization
information from web.config, and instead use Global.asax with the
following handler:
void Application_AuthenticateRequest(Object sender, EventArgs e) {
String AuthURL = "/AccessDenied.aspx";
if (!User.IsInRole("Domain\UserGroup")
&& Request.FilePath != AuthURL)
{
Server.Transfer(AuthURL);
}
}
Is there something that I'm missing?
Evan
with Integrated Windows authentication turned on to manage access.
Access to the web app should be restricted to only a couple AD Groups,
and I'm trying to get anybody else that tries to access the
application to be redirected to a friendly error page. However, I've
only been able to get a generic ASP.NET error page (401.2) to be
displayed.
I've tried getting it set up in web.config, but no matter what I do,
it doesn't seem to work.
The only option I've seen so far is to remove the authorization
information from web.config, and instead use Global.asax with the
following handler:
void Application_AuthenticateRequest(Object sender, EventArgs e) {
String AuthURL = "/AccessDenied.aspx";
if (!User.IsInRole("Domain\UserGroup")
&& Request.FilePath != AuthURL)
{
Server.Transfer(AuthURL);
}
}
Is there something that I'm missing?
Evan