Re: Redirect to default page using Windows Authentication

From: Eric Larsen (elarsen70_at_yahoo.com)
Date: 12/01/03 

Date: 1 Dec 2003 12:58:26 -0800

Can you not redirect to a custom error page for 401 errors? I see you
can redirect for the different 401 errors in IIS, but it does not seem
to work for every case. It looks like the Error 401.3 is created by a
.NET process. Is there a way to bypass .NET catching the error?

Thanks,
Eric

jamesche@online.microsoft.com (Jim Cheshire [MSFT]) wrote in message news:<6KI1yNtsDHA.3428@cpmsftngxa07.phx.gbl>...
> Dave,
>
> You cannot catch this with ASP.NET. Our spec for ASP.NET 1.0/1.1 is that
> only 403, 404, and 500 errors are valid for customErrors. We have changed
> that for the next version of ASP.NET, and you should be able to do this in
> ASP.NET 2.0.
>
> Jim Cheshire, MCSE, MCSD [MSFT]
> Developer Support
> ASP.NET
> jamesche@online.microsoft.com
>
> This post is provided as-is with no warranties and confers no rights.
>
> --------------------
> >Content-Class: urn:content-classes:message
> >From: "Dave" <anonymous@discussions.microsoft.com>
> >Sender: "Dave" <anonymous@discussions.microsoft.com>
> >References: <018001c3adf3$a0978a90$a101280a@phx.gbl>
> <6CkFOwfrDHA.2464@cpmsftngxa06.phx.gbl>
> <014601c3ae0c$9ff59be0$a501280a@phx.gbl>
> <pyVgyarrDHA.2320@cpmsftngxa07.phx.gbl>
> >Subject: RE: Redirect to default page using Windows Authentication
> >Date: Mon, 24 Nov 2003 13:06:52 -0800
> >Lines: 187
> >Message-ID: <028901c3b2ce$e20a2a70$a501280a@phx.gbl>
> >MIME-Version: 1.0
> >Content-Type: text/plain;
> > charset="iso-8859-1"
> >Content-Transfer-Encoding: 7bit
> >X-Newsreader: Microsoft CDO for Windows 2000
> >X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
> >Thread-Index: AcOyzuIHne+BPDTwSz+E4bMQPmPxpQ==
> >Newsgroups: microsoft.public.dotnet.framework.aspnet.security
> >Path: cpmsftngxa07.phx.gbl
> >Xref: cpmsftngxa07.phx.gbl
> microsoft.public.dotnet.framework.aspnet.security:7663
> >NNTP-Posting-Host: tk2msftngxa13.phx.gbl 10.40.1.165
> >X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
> >
> >That's just it. I'm not sure where to trap that error.
> >Initially I thought an HttpModule would be my only
> >option, but I'm not even sure if the Http Request will
> >get that far in the pipeline.
> >
> >The webserver may get intercept the request and return
> >that error before I can do any type of redirect on the
> >backend using asp.net.
> >
> >Dave.
> >
> >>-----Original Message-----
> >>Dave,
> >>
> >>That's correct. There's no way around that. The way
> wininet
> >>authentication works is that if the resource you are
> requesting does not
> >>allow anonymous access, a 401 is sent back to the
> browser. If the resource
> >>is using Windows Integrated authentication and the
> browser is configured to
> >>automatically send credentials, the token is sent back
> and the user is
> >>authenticated. In the case of Basic authentication, a
> login prompt is
> >>displayed and the user must log in.
> >>
> >>If you intercept the 401 and redirect somewhere, you
> hijack the browser's
> >>ability to challenge. There is no way around that.
> >>
> >>Jim Cheshire, MCSE, MCSD [MSFT]
> >>Developer Support
> >>ASP.NET
> >>jamesche@online.microsoft.com
> >>
> >>This post is provided as-is with no warranties and
> confers no rights.
> >>
> >>--------------------
> >>>Content-Class: urn:content-classes:message
> >>>From: "Dave" <anonymous@discussions.microsoft.com>
> >>>Sender: "Dave" <anonymous@discussions.microsoft.com>
> >>>References: <018001c3adf3$a0978a90$a101280a@phx.gbl>
> <6CkFOwfrDHA.2464@cpmsftngxa06.phx.gbl>
> >>>Subject: RE: Redirect to default page using Windows
> Authentication
> >>>Date: Tue, 18 Nov 2003 11:46:14 -0800
> >>>Lines: 104
> >>>Message-ID: <014601c3ae0c$9ff59be0$a501280a@phx.gbl>
> >>>MIME-Version: 1.0
> >>>Content-Type: text/plain;
> >>> charset="iso-8859-1"
> >>>Content-Transfer-Encoding: 7bit
> >>>X-Newsreader: Microsoft CDO for Windows 2000
> >>>X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
> >>>Thread-Index: AcOuDJ/1n4uo2nCoQJyNrXRXUzhJ9Q==
> >>>Newsgroups:
> microsoft.public.dotnet.framework.aspnet.security
> >>>Path: cpmsftngxa06.phx.gbl
> >>>Xref: cpmsftngxa06.phx.gbl
> microsoft.public.dotnet.framework.aspnet.security:7618
> >>>NNTP-Posting-Host: TK2MSFTNGXA13 10.40.1.165
> >>>X-Tomcat-NG:
> microsoft.public.dotnet.framework.aspnet.security
> >>>
> >>>Jim,
> >>>
> >>>Thanks for the response. I guess I'm not following
> >>>where I would run the code you mentioned other than the
> >>>global.asax.
> >>>
> >>>I have the following code in there now...
> >>>
> >>>protected void Application_AuthenticateRequest(Object
> >>>sender, EventArgs e)
> >>> {
> >>>if ((Request.CurrentExecutionFilePath !
> >>>= "/MyApp/Index.aspx") &&
> (User.Identity.IsAuthenticated
> >>>== false))
> >>> {
> >>> Response.Redirect("Index.aspx");
> >>> }
> >>>}
> >>>
> >>>This works on the first attempt to view a page other
> than
> >>>index.aspx but when I try to click on a link that goes
> to
> >>>a page secured by Basic Auth., the code above gets
> fired
> >>>again and redirects me back to index.aspx. I don't
> have
> >>>a chance to enter the login credentials.
> >>>
> >>>Dave.
> >>>
> >>>>-----Original Message-----
> >>>>Dave,
> >>>>
> >>>>You would have to redirect on the 401 response. As
> long
> as the connection
> >>>>with IIS is still held in cache (and it should be),
> this
> should work fine.
> >>>>(I haven't tested it, so don't hold me to it.)
> >>>>
> >>>>It would look something like this:
> >>>>
> >>>>if (HttpResponse.Status == '401 ACCESS DENIED')
> >>>>{
> >>>> Response.Redirect('login.aspx');
> >>>>}
> >>>>
> >>>>Jim Cheshire, MCSE, MCSD [MSFT]
> >>>>Developer Support
> >>>>ASP.NET
> >>>>jamesche@online.microsoft.com
> >>>>
> >>>>This post is provided as-is with no warranties and
> confers no rights.
> >>>>
> >>>>
> >>>>--------------------
> >>>>>Content-Class: urn:content-classes:message
> >>>>>From: "Dave" <anonymous@discussions.microsoft.com>
> >>>>>Sender: "Dave" <anonymous@discussions.microsoft.com>
> >>>>>Subject: Redirect to default page using Windows
> Authentication
> >>>>>Date: Tue, 18 Nov 2003 08:47:17 -0800
> >>>>>Lines: 22
> >>>>>Message-ID: <018001c3adf3$a0978a90$a101280a@phx.gbl>
> >>>>>MIME-Version: 1.0
> >>>>>Content-Type: text/plain;
> >>>>> charset="iso-8859-1"
> >>>>>Content-Transfer-Encoding: 7bit
> >>>>>X-Newsreader: Microsoft CDO for Windows 2000
> >>>>>Thread-Index: AcOt86CVOxfr0qBrQki1cS1gMBOKEA==
> >>>>>X-MimeOLE: Produced By Microsoft MimeOLE
> V5.50.4910.0300
> >>>>>Newsgroups:
> microsoft.public.dotnet.framework.aspnet.security
> >>>>>Path: cpmsftngxa06.phx.gbl
> >>>>>Xref: cpmsftngxa06.phx.gbl
> microsoft.public.dotnet.framework.aspnet.security:7614
> >>>>>NNTP-Posting-Host: TK2MSFTNGXA09 10.40.1.161
> >>>>>X-Tomcat-NG:
> microsoft.public.dotnet.framework.aspnet.security
> >>>>>
> >>>>>Hi,
> >>>>>
> >>>>>Is there a way to redirect the user to a default,
> >>>>>anonymous, welcome or "splash" page for our
> application
> >>>>>when using Windows authentication with Basic enabled?
> >>>>>
> >>>>>In other words, if a user attempts to access a
> secured
> >>>>>page directly the first time, they will be redirected
> to
> >>>>>the application's main entry point.
> >>>>>
> >>>>>I know this defeats the purpose of
> setting "Favorites"
> >>>>>but we want to have updates, news, instructions, etc
> on
> >>>>>this anonymous welcome page so the user can see this
> >>>>>information. It will then have a link or button that
> >>>>>states "Click here to login". Ideally, it would take
> >>>>>them then to the orignal page they wanted.
> >>>>>
> >>>>>I know this can be done with Forms authentication.
> >>>>>
> >>>>>Thanks, Dave.
> >>>>>
> >>>>>
> >>>>>
> >>>>
> >>>>.
> >>>>
> >>>
> >>
> >>.
> >>
> >

Quantcast