How To Create Custom Aspx Error Reporting Page

J

John Lau

Hi,

I am looking at the MS KB Article 306355: HOW TO: Create Custom Error
Reporting Pages in ASP.NET by Using Visual C# .NET

This article describes how to redirect errors to a custom html error page.
All six steps in the article work just fine. Then at the end of the
article, there is a little comment about redirecting errors to an aspx page
(instead of an html page):

"Note The page that is specified in defaultRedirect of the <customErrors>
section is an .htm file. If you intend to use GetLastError in an .aspx page
(which the Page_Error and Application_Error samples do), you must store the
exception in a session variable or some other approach before the redirect
takes place."

So I stored the exception in a session variable, and changed the
customErrors section to redirect the user to ErrorStatus.aspx instead of
errorStatus.htm.

<customErrors defaultRedirect="http://localhost/WebDemo/ErrorStatus.aspx"
mode="On" />

But instead of redirecting to the ErrorStatus.aspx page, the application
remained on the login.aspx page, and the ReturnUrl is set to the
ErrorStatus.aspx page (according to the address in the browser).

http://localhost/WebDemo/login.aspx.../login.aspx&aspxerrorpath=/WebDemo/login.aspx

Interestingly, if, in the Application_Error method in the Global.asax file,
I manually send the user to ErrorStatus.aspx using Response.Redirect, the
redirect is ignored. If I use Server.Transfer, it works. According to the
note in the article, I should not need to use Response.Redirect or
Server.Transfer.

Has anyone come across this problem?

Thanks,
John
 
G

Guest

Hi John

I've not had any trouble doing what you're trying to do with an errorpage.aspx. Nothing jumps out at me from your code, but I'm wondering if you've traced it line by line to see who's jumping where? For one, is it possible that there's something in the pageload of your errorpage that is throwing its own exception (e.g. a reference to a session variable that is not defined?) and kicking it back up to login.aspx

Regards

Bill Bor

----- John Lau wrote: ----

Hi

I am looking at the MS KB Article 306355: HOW TO: Create Custom Erro
Reporting Pages in ASP.NET by Using Visual C# .NE

This article describes how to redirect errors to a custom html error page
All six steps in the article work just fine. Then at the end of th
article, there is a little comment about redirecting errors to an aspx pag
(instead of an html page)

"Note The page that is specified in defaultRedirect of the <customErrors
section is an .htm file. If you intend to use GetLastError in an .aspx pag
(which the Page_Error and Application_Error samples do), you must store th
exception in a session variable or some other approach before the redirec
takes place.

So I stored the exception in a session variable, and changed th
customErrors section to redirect the user to ErrorStatus.aspx instead o
errorStatus.htm

<customErrors defaultRedirect="http://localhost/WebDemo/ErrorStatus.aspx
mode="On" /

But instead of redirecting to the ErrorStatus.aspx page, the applicatio
remained on the login.aspx page, and the ReturnUrl is set to th
ErrorStatus.aspx page (according to the address in the browser)

http://localhost/WebDemo/login.aspx...o/login.aspx&aspxerrorpath=/WebDemo/login.asp

Interestingly, if, in the Application_Error method in the Global.asax file
I manually send the user to ErrorStatus.aspx using Response.Redirect, th
redirect is ignored. If I use Server.Transfer, it works. According to th
note in the article, I should not need to use Response.Redirect o
Server.Transfer

Has anyone come across this problem

Thanks
Joh
 
J

John Lau

Hi Bill,

Well, at least I know that someone else has no problem doing this. For me,
I can switch back and forth between the html error page and the aspx error
page. All I change is the defaultRedirect in Web.config. It works if the
error page is html, doesn't work if it is aspx.

If I hard code the Server.Transfer inside the Application_Error method, it
steps from Application_Error into the Page_Load method of the
ErrorStatus.aspx page. If I remove the Server.Transfer, it steps from
Application_Error into some disassembly code, and then displays the
login.aspx page.

I could leave the Server.Transfer statement in the code, but would prefer it
to work properly!

Regards,
John


BB said:
Hi John,

I've not had any trouble doing what you're trying to do with an
errorpage.aspx. Nothing jumps out at me from your code, but I'm wondering
if you've traced it line by line to see who's jumping where? For one, is it
possible that there's something in the pageload of your errorpage that is
throwing its own exception (e.g. a reference to a session variable that is
not defined?) and kicking it back up to login.aspx?
 
S

Steven Cheng[MSFT]

Hi Join,


Thanks for posting in the community!
From your description, you used Formauthentication in your ASP.NET web app.
And you used an ASPX page as the defaultredirect error page. However, you
found that when error occured , the user will be redirectd to the login
page rather than the custom error page unless you use server.transfer to
manually direct the user to the error page in Application_Error event, yes?
If there is anything I misunderstood, please feel free to let me know.

I think the problem you met is an existing issue with the Custom Error
Handlering and your situation is accientally made more complex since you
used FormsAuthentication and the custom error page is protected from
unauthenticated user(deny="?" ) yes? Here is the detailed reasons:
1. As the kb article as mentioned:
-----------------------------------
Note The page that is specified in defaultRedirect of the <customErrors>
section is an .htm file. If you intend to use GetLastError in an .aspx page
(which the Page_Error and Application_Error samples do), you must store the
exception in a session variable or some other approach before the redirect
takes place.
------------------------------------
This is because after the Application_Error event, the ASP.NET runtime will
stop the current session which throws the error and start a new session
(and also clear the server errors). That's why the article told us to use
some other approachs to store the error infos. However, it didn't mention
another thing that since the session will be replaced by a new one, we
can't simply use session to store the error. One way to workarount it is
use the "Server.Transfer" method manualy redirect the user to the custom
error page( I noticed you've found this way). The server.transfer won't
clear the server error and also the current session will remain and not be
replaced by a new started one. Here is a former post discussing on this
issue, you may view my reply there via the following weblink in google:
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&frame=right&th=c
4385267d67065bd&seekm=qzzKYoi6DHA.2768%40cpmsftngxa07.phx.gbl#link4

2. As for the redirected to login page rather than the error page. This is
because you used the formauthentication. I think you have also make the
custom error page protected from unauthenticated user, yes? As I mentioned
above, after the Application_Error event, if you don't use Serve.Transfer
to manually direct user to the error page, the ASP.NET will clear the
server error and start a new session, also that cause the current request
become unauthenticated , then the user is redirected to the login page, do
you think so?

As for this issue, I think you can make the custom error page allowed by
unauthenticated user, such as:
<configuration>
<system.web>
//main setting here

</system.web>

<location path="custom_error_page.aspx" >
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
</configuration>

Please check out the preceding suggestions. If you feel anything still
unclear , please feel free to post here.



Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Get Preview at ASP.NET whidbey
http://msdn.microsoft.com/asp.net/whidbey/default.aspx
 
J

John Lau

Hi Steve and Bill,

Yes, Steve, you have described my exact problem. Thank you! And thanks to
Bill for taking an interest in my problem.

Before I saw your posting, I took Bill's suggestion and created a simple
error handling sample. It worked! Then I had to find the cause within the
difference between his sample and my application, which was considerable.
The first thing I tried was to copy my Web.config file into the simple
sample. This duplicated my problem. Then I removed the authorization
section, and the problem again disappeared. As you said, I am using
formauthentication, and the problem was:

<authorization>
<deny users="?" />
<allow users="*" />
</authorization>

I was going to try and further isolate the problem today, but your
explanation made that unnecessary.

Since I don't want a new session, I am using Server.Transfer. One other
problem I am encountering is that occasionally, after changing some code, I
will get the following error. If I reboot, the error goes away. Any way of
getting rid of the error without rebooting?

Thanks,
John

Server Error in '/WebDemo' Application.
----------------------------------------------------------------------------
----

Runtime Error
Description: An application error occurred on the server. The current custom
error settings for this application prevent the details of the application
error from being viewed.

Details: To enable the details of this specific error message to be viewable
on the local server machine, please create a <customErrors> tag within a
"web.config" configuration file located in the root directory of the current
web application. This <customErrors> tag should then have its "mode"
attribute set to "RemoteOnly". To enable the details to be viewable on
remote machines, please set "mode" to "Off".


<!-- Web.Config Configuration File -->

<configuration>
<system.web>
<customErrors mode="RemoteOnly"/>
</system.web>
</configuration>


Notes: The current error page you are seeing can be replaced by a custom
error page by modifying the "defaultRedirect" attribute of the application's
<customErrors> configuration tag to point to a custom error page URL.


<!-- Web.Config Configuration File -->

<configuration>
<system.web>
<customErrors mode="On" defaultRedirect="mycustompage.htm"/>
</system.web>
</configuration>
 
J

John Lau

Hi,

I found my last error. When I set the mode to RemoteOnly, I found that some
resources took sometimes takes a bit longer to be released. If I just wait
a minute or so, it clears itself up.

Steve, perhaps Microsoft should rewrite the KB articles (C# and VB.NET) to
reflect this issue. Seems likely a lot of other developers will eventually
get stuck on this same problem.

Thanks,
John
 
S

Steven Cheng[MSFT]

Hi John,

Thanks for your followup. I'm glad that you've finally figured out all your
problems. Also, i agree with you that the certain KB need further
improvement. And I think you may also post your suggestions on the KB to
the "MS wish" product feed back site:

http://register.microsoft.com/mswish/suggestion.asp

Anyway, thanks again for your advices.


Regards,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Get Preview at ASP.NET whidbey
http://msdn.microsoft.com/asp.net/whidbey/default.aspx
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,482
Members
44,900
Latest member
Nell636132

Latest Threads

Top