Ask a Question related to ASP.NET Security, Design and Development.
-
Dave #1
Redirect to default page using Windows Authentication
Hi,
Is there a way to redirect the user to a default,
anonymous, welcome or "splash" page for our application
when using Windows authentication with Basic enabled?
In other words, if a user attempts to access a secured
page directly the first time, they will be redirected to
the application's main entry point.
I know this defeats the purpose of setting "Favorites"
but we want to have updates, news, instructions, etc on
this anonymous welcome page so the user can see this
information. It will then have a link or button that
states "Click here to login". Ideally, it would take
them then to the orignal page they wanted.
I know this can be done with Forms authentication.
Thanks, Dave.
Dave Guest
-
Solution to Forms Authentication redirecting to bogus default.aspx page with RedirectFromLoginPage
hi, i've read a lot of posts here about people who ran into problems using forms authentication, and the RedirectFromLoginPage() method, which... -
Forms Authentication won't redirect to login page
I'm trying to set basic form authentication on a webapp. I allaccess restricted to authenticated users. After changing theWeb.config file in the... -
Windows authentication Redirect /CustomErrors Issue
I am using asp.net (1.1) and am setting application security in web.config using: <customErrors mode="On" defaultRedirect="Denied.htm"><error... -
How to set redirect default on login?
Sorry, FormsAuthentication is hard set to "default.aspx" when doing the RedirectFromLoginPage and/or GetRedirectUrl Just execute SetAuthCookie... -
Windows mode authentication - anonymous and authenticated accesson same page
Hi, at the moment I'm developing a Web-Application with C# and encounter problems using Windows NTLM authentication with IIS 6.0 (W2k3EE). I... -
Jim Cheshire [MSFT] #2 RE: Redirect to default page using Windows Authentication
Dave,
You would have to redirect on the 401 response. As long as the connection
with IIS is still held in cache (and it should be), this should work fine.
(I haven't tested it, so don't hold me to it.)
It would look something like this:
if (HttpResponse.Status == '401 ACCESS DENIED')
{
Response.Redirect('login.aspx');
}
Jim Cheshire, MCSE, MCSD [MSFT]
Developer Support
ASP.NET
[email]jamesche@online.microsoft.com[/email]
This post is provided as-is with no warranties and confers no rights.
--------------------microsoft.public.dotnet.framework.aspnet.security: 7614>Content-Class: urn:content-classes:message
>From: "Dave" <anonymous@discussions.microsoft.com>
>Sender: "Dave" <anonymous@discussions.microsoft.com>
>Subject: Redirect to default page using Windows Authentication
>Date: Tue, 18 Nov 2003 08:47:17 -0800
>Lines: 22
>Message-ID: <018001c3adf3$a0978a90$a101280a@phx.gbl>
>MIME-Version: 1.0
>Content-Type: text/plain;
> charset="iso-8859-1"
>Content-Transfer-Encoding: 7bit
>X-Newsreader: Microsoft CDO for Windows 2000
>Thread-Index: AcOt86CVOxfr0qBrQki1cS1gMBOKEA==
>X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
>Newsgroups: microsoft.public.dotnet.framework.aspnet.security
>Path: cpmsftngxa06.phx.gbl
>Xref: cpmsftngxa06.phx.gbl>NNTP-Posting-Host: TK2MSFTNGXA09 10.40.1.161
>X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
>
>Hi,
>
>Is there a way to redirect the user to a default,
>anonymous, welcome or "splash" page for our application
>when using Windows authentication with Basic enabled?
>
>In other words, if a user attempts to access a secured
>page directly the first time, they will be redirected to
>the application's main entry point.
>
>I know this defeats the purpose of setting "Favorites"
>but we want to have updates, news, instructions, etc on
>this anonymous welcome page so the user can see this
>information. It will then have a link or button that
>states "Click here to login". Ideally, it would take
>them then to the orignal page they wanted.
>
>I know this can be done with Forms authentication.
>
>Thanks, Dave.
>
>
>Jim Cheshire [MSFT] Guest
-
Dave #3 RE: Redirect to default page using Windows Authentication
Jim,
Thanks for the response. I guess I'm not following
where I would run the code you mentioned other than the
global.asax.
I have the following code in there now...
protected void Application_AuthenticateRequest(Object
sender, EventArgs e)
{
if ((Request.CurrentExecutionFilePath !
= "/MyApp/Index.aspx") && (User.Identity.IsAuthenticated
== false))
{
Response.Redirect("Index.aspx");
}
}
This works on the first attempt to view a page other than
index.aspx but when I try to click on a link that goes to
a page secured by Basic Auth., the code above gets fired
again and redirects me back to index.aspx. I don't have
a chance to enter the login credentials.
Dave.
as the connection>-----Original Message-----
>Dave,
>
>You would have to redirect on the 401 response. As longshould work fine.>with IIS is still held in cache (and it should be), thisconfers no rights.>(I haven't tested it, so don't hold me to it.)
>
>It would look something like this:
>
>if (HttpResponse.Status == '401 ACCESS DENIED')
>{
> Response.Redirect('login.aspx');
>}
>
>Jim Cheshire, MCSE, MCSD [MSFT]
>Developer Support
>ASP.NET
>jamesche@online.microsoft.com
>
>This post is provided as-is with no warranties andAuthentication>
>
>-------------------->>Content-Class: urn:content-classes:message
>>From: "Dave" <anonymous@discussions.microsoft.com>
>>Sender: "Dave" <anonymous@discussions.microsoft.com>
>>Subject: Redirect to default page using Windowsmicrosoft.public.dotnet.framework.aspnet.security>>Date: Tue, 18 Nov 2003 08:47:17 -0800
>>Lines: 22
>>Message-ID: <018001c3adf3$a0978a90$a101280a@phx.gbl>
>>MIME-Version: 1.0
>>Content-Type: text/plain;
>> charset="iso-8859-1"
>>Content-Transfer-Encoding: 7bit
>>X-Newsreader: Microsoft CDO for Windows 2000
>>Thread-Index: AcOt86CVOxfr0qBrQki1cS1gMBOKEA==
>>X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
>>Newsgroups:microsoft.public.dotnet.framework.aspnet.security>microsoft.public.dotnet.framework.aspnet.security :7614>>Path: cpmsftngxa06.phx.gbl
>>Xref: cpmsftngxa06.phx.gbl>>NNTP-Posting-Host: TK2MSFTNGXA09 10.40.1.161
>>X-Tomcat-NG:to>>
>>Hi,
>>
>>Is there a way to redirect the user to a default,
>>anonymous, welcome or "splash" page for our application
>>when using Windows authentication with Basic enabled?
>>
>>In other words, if a user attempts to access a secured
>>page directly the first time, they will be redirected>>>the application's main entry point.
>>
>>I know this defeats the purpose of setting "Favorites"
>>but we want to have updates, news, instructions, etc on
>>this anonymous welcome page so the user can see this
>>information. It will then have a link or button that
>>states "Click here to login". Ideally, it would take
>>them then to the orignal page they wanted.
>>
>>I know this can be done with Forms authentication.
>>
>>Thanks, Dave.
>>
>>
>>
>.
>Dave Guest
-
Redirect to default page using Windows Authentication
You can add the loginUrl property to the forms
authentication section in your config file :
<authentication mode="Forms">
<forms loginUrl="Login.aspx" />
</authentication>
Whenever a user has no access to an area, they would be
directly sent to the login page, and then automatically
redirected to the area they initially wanted to visit if
their security issues have been resolved by the new login
process. This also bring up the url if the session has
timed out(if you keep the roles in the session object).
Alex
Guest
-
Jim Cheshire [MSFT] #5 RE: Redirect to default page using Windows Authentication
Dave,
That's correct. There's no way around that. The way wininet
authentication works is that if the resource you are requesting does not
allow anonymous access, a 401 is sent back to the browser. If the resource
is using Windows Integrated authentication and the browser is configured to
automatically send credentials, the token is sent back and the user is
authenticated. In the case of Basic authentication, a login prompt is
displayed and the user must log in.
If you intercept the 401 and redirect somewhere, you hijack the browser's
ability to challenge. There is no way around that.
Jim Cheshire, MCSE, MCSD [MSFT]
Developer Support
ASP.NET
[email]jamesche@online.microsoft.com[/email]
This post is provided as-is with no warranties and confers no rights.
--------------------<6CkFOwfrDHA.2464@cpmsftngxa06.phx.gbl>>Content-Class: urn:content-classes:message
>From: "Dave" <anonymous@discussions.microsoft.com>
>Sender: "Dave" <anonymous@discussions.microsoft.com>
>References: <018001c3adf3$a0978a90$a101280a@phx.gbl>microsoft.public.dotnet.framework.aspnet.security: 7618>Subject: RE: Redirect to default page using Windows Authentication
>Date: Tue, 18 Nov 2003 11:46:14 -0800
>Lines: 104
>Message-ID: <014601c3ae0c$9ff59be0$a501280a@phx.gbl>
>MIME-Version: 1.0
>Content-Type: text/plain;
> charset="iso-8859-1"
>Content-Transfer-Encoding: 7bit
>X-Newsreader: Microsoft CDO for Windows 2000
>X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
>Thread-Index: AcOuDJ/1n4uo2nCoQJyNrXRXUzhJ9Q==
>Newsgroups: microsoft.public.dotnet.framework.aspnet.security
>Path: cpmsftngxa06.phx.gbl
>Xref: cpmsftngxa06.phx.gbl>NNTP-Posting-Host: TK2MSFTNGXA13 10.40.1.165
>X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
>
>Jim,
>
>Thanks for the response. I guess I'm not following
>where I would run the code you mentioned other than the
>global.asax.
>
>I have the following code in there now...
>
>protected void Application_AuthenticateRequest(Object
>sender, EventArgs e)
> {
>if ((Request.CurrentExecutionFilePath !
>= "/MyApp/Index.aspx") && (User.Identity.IsAuthenticated
>== false))
> {
> Response.Redirect("Index.aspx");
> }
>}
>
>This works on the first attempt to view a page other than
>index.aspx but when I try to click on a link that goes to
>a page secured by Basic Auth., the code above gets fired
>again and redirects me back to index.aspx. I don't have
>a chance to enter the login credentials.
>
>Dave.
>>as the connection>>-----Original Message-----
>>Dave,
>>
>>You would have to redirect on the 401 response. As long>should work fine.>>with IIS is still held in cache (and it should be), this>confers no rights.>>(I haven't tested it, so don't hold me to it.)
>>
>>It would look something like this:
>>
>>if (HttpResponse.Status == '401 ACCESS DENIED')
>>{
>> Response.Redirect('login.aspx');
>>}
>>
>>Jim Cheshire, MCSE, MCSD [MSFT]
>>Developer Support
>>ASP.NET
>>jamesche@online.microsoft.com
>>
>>This post is provided as-is with no warranties and>Authentication>>
>>
>>-------------------->>>Content-Class: urn:content-classes:message
>>>From: "Dave" <anonymous@discussions.microsoft.com>
>>>Sender: "Dave" <anonymous@discussions.microsoft.com>
>>>Subject: Redirect to default page using Windows>microsoft.public.dotnet.framework.aspnet.securi ty>>>Date: Tue, 18 Nov 2003 08:47:17 -0800
>>>Lines: 22
>>>Message-ID: <018001c3adf3$a0978a90$a101280a@phx.gbl>
>>>MIME-Version: 1.0
>>>Content-Type: text/plain;
>>> charset="iso-8859-1"
>>>Content-Transfer-Encoding: 7bit
>>>X-Newsreader: Microsoft CDO for Windows 2000
>>>Thread-Index: AcOt86CVOxfr0qBrQki1cS1gMBOKEA==
>>>X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
>>>Newsgroups:>microsoft.public.dotnet.framework.aspnet.securi ty>>microsoft.public.dotnet.framework.aspnet.securit y:7614>>>Path: cpmsftngxa06.phx.gbl
>>>Xref: cpmsftngxa06.phx.gbl>>>NNTP-Posting-Host: TK2MSFTNGXA09 10.40.1.161
>>>X-Tomcat-NG:>to>>>
>>>Hi,
>>>
>>>Is there a way to redirect the user to a default,
>>>anonymous, welcome or "splash" page for our application
>>>when using Windows authentication with Basic enabled?
>>>
>>>In other words, if a user attempts to access a secured
>>>page directly the first time, they will be redirected>>>>>>the application's main entry point.
>>>
>>>I know this defeats the purpose of setting "Favorites"
>>>but we want to have updates, news, instructions, etc on
>>>this anonymous welcome page so the user can see this
>>>information. It will then have a link or button that
>>>states "Click here to login". Ideally, it would take
>>>them then to the orignal page they wanted.
>>>
>>>I know this can be done with Forms authentication.
>>>
>>>Thanks, Dave.
>>>
>>>
>>>
>>.
>>Jim Cheshire [MSFT] Guest
-
Dave #6 Redirect to default page using Windows Authentication
Thanks, but I'm talking about Windows authentication. Not
forms.
login>-----Original Message-----
>You can add the loginUrl property to the forms
>authentication section in your config file :
>
><authentication mode="Forms">
> <forms loginUrl="Login.aspx" />
></authentication>
>
>Whenever a user has no access to an area, they would be
>directly sent to the login page, and then automatically
>redirected to the area they initially wanted to visit if
>their security issues have been resolved by the new>process. This also bring up the url if the session has
>timed out(if you keep the roles in the session object).
>Alex
>.
>Dave Guest
-
Dave #7 RE: Redirect to default page using Windows Authentication
That's just it. I'm not sure where to trap that error.
Initially I thought an HttpModule would be my only
option, but I'm not even sure if the Http Request will
get that far in the pipeline.
The webserver may get intercept the request and return
that error before I can do any type of redirect on the
backend using asp.net.
Dave.
wininet>-----Original Message-----
>Dave,
>
>That's correct. There's no way around that. The wayrequesting does not>authentication works is that if the resource you arebrowser. If the resource>allow anonymous access, a 401 is sent back to thebrowser is configured to>is using Windows Integrated authentication and theand the user is>automatically send credentials, the token is sent backlogin prompt is>authenticated. In the case of Basic authentication, ahijack the browser's>displayed and the user must log in.
>
>If you intercept the 401 and redirect somewhere, youconfers no rights.>ability to challenge. There is no way around that.
>
>Jim Cheshire, MCSE, MCSD [MSFT]
>Developer Support
>ASP.NET
>jamesche@online.microsoft.com
>
>This post is provided as-is with no warranties andAuthentication>
>--------------------><6CkFOwfrDHA.2464@cpmsftngxa06.phx.gbl>>>Content-Class: urn:content-classes:message
>>From: "Dave" <anonymous@discussions.microsoft.com>
>>Sender: "Dave" <anonymous@discussions.microsoft.com>
>>References: <018001c3adf3$a0978a90$a101280a@phx.gbl>>>Subject: RE: Redirect to default page using Windowsmicrosoft.public.dotnet.framework.aspnet.security>>Date: Tue, 18 Nov 2003 11:46:14 -0800
>>Lines: 104
>>Message-ID: <014601c3ae0c$9ff59be0$a501280a@phx.gbl>
>>MIME-Version: 1.0
>>Content-Type: text/plain;
>> charset="iso-8859-1"
>>Content-Transfer-Encoding: 7bit
>>X-Newsreader: Microsoft CDO for Windows 2000
>>X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
>>Thread-Index: AcOuDJ/1n4uo2nCoQJyNrXRXUzhJ9Q==
>>Newsgroups:microsoft.public.dotnet.framework.aspnet.security>microsoft.public.dotnet.framework.aspnet.security :7618>>Path: cpmsftngxa06.phx.gbl
>>Xref: cpmsftngxa06.phx.gbl>>NNTP-Posting-Host: TK2MSFTNGXA13 10.40.1.165
>>X-Tomcat-NG:(User.Identity.IsAuthenticated>>
>>Jim,
>>
>>Thanks for the response. I guess I'm not following
>>where I would run the code you mentioned other than the
>>global.asax.
>>
>>I have the following code in there now...
>>
>>protected void Application_AuthenticateRequest(Object
>>sender, EventArgs e)
>> {
>>if ((Request.CurrentExecutionFilePath !
>>= "/MyApp/Index.aspx") &&than>>== false))
>> {
>> Response.Redirect("Index.aspx");
>> }
>>}
>>
>>This works on the first attempt to view a page otherto>>index.aspx but when I try to click on a link that goesfired>>a page secured by Basic Auth., the code above getshave>>again and redirects me back to index.aspx. I don'tlong>>a chance to enter the login credentials.
>>
>>Dave.
>>>>>-----Original Message-----
>>>Dave,
>>>
>>>You would have to redirect on the 401 response. Asthis>>as the connection>>>with IIS is still held in cache (and it should be),V5.50.4910.0300>>should work fine.>>confers no rights.>>>(I haven't tested it, so don't hold me to it.)
>>>
>>>It would look something like this:
>>>
>>>if (HttpResponse.Status == '401 ACCESS DENIED')
>>>{
>>> Response.Redirect('login.aspx');
>>>}
>>>
>>>Jim Cheshire, MCSE, MCSD [MSFT]
>>>Developer Support
>>>ASP.NET
>>>jamesche@online.microsoft.com
>>>
>>>This post is provided as-is with no warranties and>>Authentication>>>
>>>
>>>--------------------
>>>>Content-Class: urn:content-classes:message
>>>>From: "Dave" <anonymous@discussions.microsoft.com>
>>>>Sender: "Dave" <anonymous@discussions.microsoft.com>
>>>>Subject: Redirect to default page using Windows>>>>Date: Tue, 18 Nov 2003 08:47:17 -0800
>>>>Lines: 22
>>>>Message-ID: <018001c3adf3$a0978a90$a101280a@phx.gbl>
>>>>MIME-Version: 1.0
>>>>Content-Type: text/plain;
>>>> charset="iso-8859-1"
>>>>Content-Transfer-Encoding: 7bit
>>>>X-Newsreader: Microsoft CDO for Windows 2000
>>>>Thread-Index: AcOt86CVOxfr0qBrQki1cS1gMBOKEA==
>>>>X-MimeOLE: Produced By Microsoft MimeOLEapplication>>microsoft.public.dotnet.framework.aspnet.securit y>>>>Newsgroups:>>microsoft.public.dotnet.framework.aspnet.securit y>>>>Path: cpmsftngxa06.phx.gbl
>>>>Xref: cpmsftngxa06.phx.gbl
>>>microsoft.public.dotnet.framework.aspnet.securi ty:7614
>>>>NNTP-Posting-Host: TK2MSFTNGXA09 10.40.1.161
>>>>X-Tomcat-NG:>>>>
>>>>Hi,
>>>>
>>>>Is there a way to redirect the user to a default,
>>>>anonymous, welcome or "splash" page for oursecured>>>>when using Windows authentication with Basic enabled?
>>>>
>>>>In other words, if a user attempts to access asetting "Favorites">>to>>>>page directly the first time, they will be redirected>>>>the application's main entry point.
>>>>
>>>>I know this defeats the purpose ofon>>>>but we want to have updates, news, instructions, etc>>>>>>>this anonymous welcome page so the user can see this
>>>>information. It will then have a link or button that
>>>>states "Click here to login". Ideally, it would take
>>>>them then to the orignal page they wanted.
>>>>
>>>>I know this can be done with Forms authentication.
>>>>
>>>>Thanks, Dave.
>>>>
>>>>
>>>>
>>>
>>>.
>>>
>.
>Dave Guest
-
Jim Cheshire [MSFT] #8 RE: Redirect to default page using Windows Authentication
Dave,
You cannot catch this with ASP.NET. Our spec for ASP.NET 1.0/1.1 is that
only 403, 404, and 500 errors are valid for customErrors. We have changed
that for the next version of ASP.NET, and you should be able to do this in
ASP.NET 2.0.
Jim Cheshire, MCSE, MCSD [MSFT]
Developer Support
ASP.NET
[email]jamesche@online.microsoft.com[/email]
This post is provided as-is with no warranties and confers no rights.
--------------------<6CkFOwfrDHA.2464@cpmsftngxa06.phx.gbl>>Content-Class: urn:content-classes:message
>From: "Dave" <anonymous@discussions.microsoft.com>
>Sender: "Dave" <anonymous@discussions.microsoft.com>
>References: <018001c3adf3$a0978a90$a101280a@phx.gbl>
<014601c3ae0c$9ff59be0$a501280a@phx.gbl>
<pyVgyarrDHA.2320@cpmsftngxa07.phx.gbl>microsoft.public.dotnet.framework.aspnet.security: 7663>Subject: RE: Redirect to default page using Windows Authentication
>Date: Mon, 24 Nov 2003 13:06:52 -0800
>Lines: 187
>Message-ID: <028901c3b2ce$e20a2a70$a501280a@phx.gbl>
>MIME-Version: 1.0
>Content-Type: text/plain;
> charset="iso-8859-1"
>Content-Transfer-Encoding: 7bit
>X-Newsreader: Microsoft CDO for Windows 2000
>X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
>Thread-Index: AcOyzuIHne+BPDTwSz+E4bMQPmPxpQ==
>Newsgroups: microsoft.public.dotnet.framework.aspnet.security
>Path: cpmsftngxa07.phx.gbl
>Xref: cpmsftngxa07.phx.gbl>NNTP-Posting-Host: tk2msftngxa13.phx.gbl 10.40.1.165
>X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
>
>That's just it. I'm not sure where to trap that error.
>Initially I thought an HttpModule would be my only
>option, but I'm not even sure if the Http Request will
>get that far in the pipeline.
>
>The webserver may get intercept the request and return
>that error before I can do any type of redirect on the
>backend using asp.net.
>
>Dave.
>>wininet>>-----Original Message-----
>>Dave,
>>
>>That's correct. There's no way around that. The way>requesting does not>>authentication works is that if the resource you are>browser. If the resource>>allow anonymous access, a 401 is sent back to the>browser is configured to>>is using Windows Integrated authentication and the>and the user is>>automatically send credentials, the token is sent back>login prompt is>>authenticated. In the case of Basic authentication, a>hijack the browser's>>displayed and the user must log in.
>>
>>If you intercept the 401 and redirect somewhere, you>confers no rights.>>ability to challenge. There is no way around that.
>>
>>Jim Cheshire, MCSE, MCSD [MSFT]
>>Developer Support
>>ASP.NET
>>jamesche@online.microsoft.com
>>
>>This post is provided as-is with no warranties and>Authentication>>
>>-------------------->><6CkFOwfrDHA.2464@cpmsftngxa06.phx.gbl>>>>Content-Class: urn:content-classes:message
>>>From: "Dave" <anonymous@discussions.microsoft.com>
>>>Sender: "Dave" <anonymous@discussions.microsoft.com>
>>>References: <018001c3adf3$a0978a90$a101280a@phx.gbl>>>>Subject: RE: Redirect to default page using Windows>microsoft.public.dotnet.framework.aspnet.securi ty>>>Date: Tue, 18 Nov 2003 11:46:14 -0800
>>>Lines: 104
>>>Message-ID: <014601c3ae0c$9ff59be0$a501280a@phx.gbl>
>>>MIME-Version: 1.0
>>>Content-Type: text/plain;
>>> charset="iso-8859-1"
>>>Content-Transfer-Encoding: 7bit
>>>X-Newsreader: Microsoft CDO for Windows 2000
>>>X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
>>>Thread-Index: AcOuDJ/1n4uo2nCoQJyNrXRXUzhJ9Q==
>>>Newsgroups:>microsoft.public.dotnet.framework.aspnet.securi ty>>microsoft.public.dotnet.framework.aspnet.securit y:7618>>>Path: cpmsftngxa06.phx.gbl
>>>Xref: cpmsftngxa06.phx.gbl>>>NNTP-Posting-Host: TK2MSFTNGXA13 10.40.1.165
>>>X-Tomcat-NG:>(User.Identity.IsAuthenticated>>>
>>>Jim,
>>>
>>>Thanks for the response. I guess I'm not following
>>>where I would run the code you mentioned other than the
>>>global.asax.
>>>
>>>I have the following code in there now...
>>>
>>>protected void Application_AuthenticateRequest(Object
>>>sender, EventArgs e)
>>> {
>>>if ((Request.CurrentExecutionFilePath !
>>>= "/MyApp/Index.aspx") &&>than>>>== false))
>>> {
>>> Response.Redirect("Index.aspx");
>>> }
>>>}
>>>
>>>This works on the first attempt to view a page other>to>>>index.aspx but when I try to click on a link that goes>fired>>>a page secured by Basic Auth., the code above gets>have>>>again and redirects me back to index.aspx. I don't>long>>>a chance to enter the login credentials.
>>>
>>>Dave.
>>>
>>>>-----Original Message-----
>>>>Dave,
>>>>
>>>>You would have to redirect on the 401 response. As>this>>>as the connection
>>>>with IIS is still held in cache (and it should be),>V5.50.4910.0300>>>should work fine.
>>>>(I haven't tested it, so don't hold me to it.)
>>>>
>>>>It would look something like this:
>>>>
>>>>if (HttpResponse.Status == '401 ACCESS DENIED')
>>>>{
>>>> Response.Redirect('login.aspx');
>>>>}
>>>>
>>>>Jim Cheshire, MCSE, MCSD [MSFT]
>>>>Developer Support
>>>>ASP.NET
>>>>jamesche@online.microsoft.com
>>>>
>>>>This post is provided as-is with no warranties and
>>>confers no rights.
>>>>
>>>>
>>>>--------------------
>>>>>Content-Class: urn:content-classes:message
>>>>>From: "Dave" <anonymous@discussions.microsoft.com>
>>>>>Sender: "Dave" <anonymous@discussions.microsoft.com>
>>>>>Subject: Redirect to default page using Windows
>>>Authentication
>>>>>Date: Tue, 18 Nov 2003 08:47:17 -0800
>>>>>Lines: 22
>>>>>Message-ID: <018001c3adf3$a0978a90$a101280a@phx.gbl>
>>>>>MIME-Version: 1.0
>>>>>Content-Type: text/plain;
>>>>> charset="iso-8859-1"
>>>>>Content-Transfer-Encoding: 7bit
>>>>>X-Newsreader: Microsoft CDO for Windows 2000
>>>>>Thread-Index: AcOt86CVOxfr0qBrQki1cS1gMBOKEA==
>>>>>X-MimeOLE: Produced By Microsoft MimeOLE>application>>>>>Newsgroups:
>>>microsoft.public.dotnet.framework.aspnet.securi ty
>>>>>Path: cpmsftngxa06.phx.gbl
>>>>>Xref: cpmsftngxa06.phx.gbl
>>>>microsoft.public.dotnet.framework.aspnet.secur ity:7614
>>>>>NNTP-Posting-Host: TK2MSFTNGXA09 10.40.1.161
>>>>>X-Tomcat-NG:
>>>microsoft.public.dotnet.framework.aspnet.securi ty
>>>>>
>>>>>Hi,
>>>>>
>>>>>Is there a way to redirect the user to a default,
>>>>>anonymous, welcome or "splash" page for our>secured>>>>>when using Windows authentication with Basic enabled?
>>>>>
>>>>>In other words, if a user attempts to access a>setting "Favorites">>>>>page directly the first time, they will be redirected
>>>to
>>>>>the application's main entry point.
>>>>>
>>>>>I know this defeats the purpose of>on>>>>>but we want to have updates, news, instructions, etc>>>>>>>>this anonymous welcome page so the user can see this
>>>>>information. It will then have a link or button that
>>>>>states "Click here to login". Ideally, it would take
>>>>>them then to the orignal page they wanted.
>>>>>
>>>>>I know this can be done with Forms authentication.
>>>>>
>>>>>Thanks, Dave.
>>>>>
>>>>>
>>>>>
>>>>
>>>>.
>>>>
>>>
>>.
>>Jim Cheshire [MSFT] Guest
-
Eric Larsen #9 Re: Redirect to default page using Windows Authentication
Can you not redirect to a custom error page for 401 errors? I see you
can redirect for the different 401 errors in IIS, but it does not seem
to work for every case. It looks like the Error 401.3 is created by a
..NET process. Is there a way to bypass .NET catching the error?
Thanks,
Eric
[email]jamesche@online.microsoft.com[/email] (Jim Cheshire [MSFT]) wrote in message news:<6KI1yNtsDHA.3428@cpmsftngxa07.phx.gbl>...> Dave,
>
> You cannot catch this with ASP.NET. Our spec for ASP.NET 1.0/1.1 is that
> only 403, 404, and 500 errors are valid for customErrors. We have changed
> that for the next version of ASP.NET, and you should be able to do this in
> ASP.NET 2.0.
>
> Jim Cheshire, MCSE, MCSD [MSFT]
> Developer Support
> ASP.NET
> [email]jamesche@online.microsoft.com[/email]
>
> This post is provided as-is with no warranties and confers no rights.
>
> --------------------> <6CkFOwfrDHA.2464@cpmsftngxa06.phx.gbl>> >Content-Class: urn:content-classes:message
> >From: "Dave" <anonymous@discussions.microsoft.com>
> >Sender: "Dave" <anonymous@discussions.microsoft.com>
> >References: <018001c3adf3$a0978a90$a101280a@phx.gbl>
> <014601c3ae0c$9ff59be0$a501280a@phx.gbl>
> <pyVgyarrDHA.2320@cpmsftngxa07.phx.gbl>> microsoft.public.dotnet.framework.aspnet.security: 7663> >Subject: RE: Redirect to default page using Windows Authentication
> >Date: Mon, 24 Nov 2003 13:06:52 -0800
> >Lines: 187
> >Message-ID: <028901c3b2ce$e20a2a70$a501280a@phx.gbl>
> >MIME-Version: 1.0
> >Content-Type: text/plain;
> > charset="iso-8859-1"
> >Content-Transfer-Encoding: 7bit
> >X-Newsreader: Microsoft CDO for Windows 2000
> >X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
> >Thread-Index: AcOyzuIHne+BPDTwSz+E4bMQPmPxpQ==
> >Newsgroups: microsoft.public.dotnet.framework.aspnet.security
> >Path: cpmsftngxa07.phx.gbl
> >Xref: cpmsftngxa07.phx.gbl> wininet> >NNTP-Posting-Host: tk2msftngxa13.phx.gbl 10.40.1.165
> >X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
> >
> >That's just it. I'm not sure where to trap that error.
> >Initially I thought an HttpModule would be my only
> >option, but I'm not even sure if the Http Request will
> >get that far in the pipeline.
> >
> >The webserver may get intercept the request and return
> >that error before I can do any type of redirect on the
> >backend using asp.net.
> >
> >Dave.
> >> >>-----Original Message-----
> >>Dave,
> >>
> >>That's correct. There's no way around that. The way> requesting does not> >>authentication works is that if the resource you are> browser. If the resource> >>allow anonymous access, a 401 is sent back to the> browser is configured to> >>is using Windows Integrated authentication and the> and the user is> >>automatically send credentials, the token is sent back> login prompt is> >>authenticated. In the case of Basic authentication, a> hijack the browser's> >>displayed and the user must log in.
> >>
> >>If you intercept the 401 and redirect somewhere, you> confers no rights.> >>ability to challenge. There is no way around that.
> >>
> >>Jim Cheshire, MCSE, MCSD [MSFT]
> >>Developer Support
> >>ASP.NET
> >>jamesche@online.microsoft.com
> >>
> >>This post is provided as-is with no warranties and> <6CkFOwfrDHA.2464@cpmsftngxa06.phx.gbl>> >>
> >>--------------------
> >>>Content-Class: urn:content-classes:message
> >>>From: "Dave" <anonymous@discussions.microsoft.com>
> >>>Sender: "Dave" <anonymous@discussions.microsoft.com>
> >>>References: <018001c3adf3$a0978a90$a101280a@phx.gbl>> Authentication> >>>Subject: RE: Redirect to default page using Windows> microsoft.public.dotnet.framework.aspnet.security> >>>Date: Tue, 18 Nov 2003 11:46:14 -0800
> >>>Lines: 104
> >>>Message-ID: <014601c3ae0c$9ff59be0$a501280a@phx.gbl>
> >>>MIME-Version: 1.0
> >>>Content-Type: text/plain;
> >>> charset="iso-8859-1"
> >>>Content-Transfer-Encoding: 7bit
> >>>X-Newsreader: Microsoft CDO for Windows 2000
> >>>X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
> >>>Thread-Index: AcOuDJ/1n4uo2nCoQJyNrXRXUzhJ9Q==
> >>>Newsgroups:> microsoft.public.dotnet.framework.aspnet.security: 7618> >>>Path: cpmsftngxa06.phx.gbl
> >>>Xref: cpmsftngxa06.phx.gbl> microsoft.public.dotnet.framework.aspnet.security> >>>NNTP-Posting-Host: TK2MSFTNGXA13 10.40.1.165
> >>>X-Tomcat-NG:> (User.Identity.IsAuthenticated> >>>
> >>>Jim,
> >>>
> >>>Thanks for the response. I guess I'm not following
> >>>where I would run the code you mentioned other than the
> >>>global.asax.
> >>>
> >>>I have the following code in there now...
> >>>
> >>>protected void Application_AuthenticateRequest(Object
> >>>sender, EventArgs e)
> >>> {
> >>>if ((Request.CurrentExecutionFilePath !
> >>>= "/MyApp/Index.aspx") &&> than> >>>== false))
> >>> {
> >>> Response.Redirect("Index.aspx");
> >>> }
> >>>}
> >>>
> >>>This works on the first attempt to view a page other> to> >>>index.aspx but when I try to click on a link that goes> fired> >>>a page secured by Basic Auth., the code above gets> have> >>>again and redirects me back to index.aspx. I don't> long> >>>a chance to enter the login credentials.
> >>>
> >>>Dave.
> >>>
> >>>>-----Original Message-----
> >>>>Dave,
> >>>>
> >>>>You would have to redirect on the 401 response. As
> as the connection> this> >>>>with IIS is still held in cache (and it should be),
> should work fine.> confers no rights.> >>>>(I haven't tested it, so don't hold me to it.)
> >>>>
> >>>>It would look something like this:
> >>>>
> >>>>if (HttpResponse.Status == '401 ACCESS DENIED')
> >>>>{
> >>>> Response.Redirect('login.aspx');
> >>>>}
> >>>>
> >>>>Jim Cheshire, MCSE, MCSD [MSFT]
> >>>>Developer Support
> >>>>ASP.NET
> >>>>jamesche@online.microsoft.com
> >>>>
> >>>>This post is provided as-is with no warranties and> Authentication> >>>>
> >>>>
> >>>>--------------------
> >>>>>Content-Class: urn:content-classes:message
> >>>>>From: "Dave" <anonymous@discussions.microsoft.com>
> >>>>>Sender: "Dave" <anonymous@discussions.microsoft.com>
> >>>>>Subject: Redirect to default page using Windows> V5.50.4910.0300> >>>>>Date: Tue, 18 Nov 2003 08:47:17 -0800
> >>>>>Lines: 22
> >>>>>Message-ID: <018001c3adf3$a0978a90$a101280a@phx.gbl>
> >>>>>MIME-Version: 1.0
> >>>>>Content-Type: text/plain;
> >>>>> charset="iso-8859-1"
> >>>>>Content-Transfer-Encoding: 7bit
> >>>>>X-Newsreader: Microsoft CDO for Windows 2000
> >>>>>Thread-Index: AcOt86CVOxfr0qBrQki1cS1gMBOKEA==
> >>>>>X-MimeOLE: Produced By Microsoft MimeOLE> microsoft.public.dotnet.framework.aspnet.security> >>>>>Newsgroups:> microsoft.public.dotnet.framework.aspnet.security: 7614> >>>>>Path: cpmsftngxa06.phx.gbl
> >>>>>Xref: cpmsftngxa06.phx.gbl> microsoft.public.dotnet.framework.aspnet.security> >>>>>NNTP-Posting-Host: TK2MSFTNGXA09 10.40.1.161
> >>>>>X-Tomcat-NG:> application> >>>>>
> >>>>>Hi,
> >>>>>
> >>>>>Is there a way to redirect the user to a default,
> >>>>>anonymous, welcome or "splash" page for our> secured> >>>>>when using Windows authentication with Basic enabled?
> >>>>>
> >>>>>In other words, if a user attempts to access a> to> >>>>>page directly the first time, they will be redirected> setting "Favorites"> >>>>>the application's main entry point.
> >>>>>
> >>>>>I know this defeats the purpose of> on> >>>>>but we want to have updates, news, instructions, etc> >> >>>>>this anonymous welcome page so the user can see this
> >>>>>information. It will then have a link or button that
> >>>>>states "Click here to login". Ideally, it would take
> >>>>>them then to the orignal page they wanted.
> >>>>>
> >>>>>I know this can be done with Forms authentication.
> >>>>>
> >>>>>Thanks, Dave.
> >>>>>
> >>>>>
> >>>>>
> >>>>
> >>>>.
> >>>>
> >>>
> >>
> >>.
> >>Eric Larsen Guest
-
Jim Cheshire [MSFT] #10 Re: Redirect to default page using Windows Authentication
Eric,
No, you cannot. IIS handles that before ASP.NET has the opportunity in our
current architecture.
Jim Cheshire, MCSE, MCSD [MSFT]
Developer Support
ASP.NET
[email]jamesche@online.microsoft.com[/email]
This post is provided as-is with no warranties and confers no rights.
--------------------<6CkFOwfrDHA.2464@cpmsftngxa06.phx.gbl>>From: [email]elarsen70@yahoo.com[/email] (Eric Larsen)
>Newsgroups: microsoft.public.dotnet.framework.aspnet.security
>Subject: Re: Redirect to default page using Windows Authentication
>Date: 1 Dec 2003 12:58:26 -0800
>Organization: [url]http://groups.google.com[/url]
>Lines: 238
>Message-ID: <61ab5a70.0312011258.1055e5bd@posting.google.com >
>References: <018001c3adf3$a0978a90$a101280a@phx.gbl>
<014601c3ae0c$9ff59be0$a501280a@phx.gbl>
<pyVgyarrDHA.2320@cpmsftngxa07.phx.gbl>
<028901c3b2ce$e20a2a70$a501280a@phx.gbl>
<6KI1yNtsDHA.3428@cpmsftngxa07.phx.gbl>20:58:27 GMT)>NNTP-Posting-Host: 167.218.156.60
>Content-Type: text/plain; charset=ISO-8859-1
>Content-Transfer-Encoding: 8bit
>X-Trace: posting.google.com 1070312307 30279 127.0.0.1 (1 Dec 2003cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfeed 00.sul.t-online.de!t-onlin>X-Complaints-To: [email]groups-abuse@google.com[/email]
>NNTP-Posting-Date: Mon, 1 Dec 2003 20:58:27 +0000 (UTC)
>Path:
e.de!peernews3.colt.net!news0.de.colt.net!eusc.int er.net!priapus.visi.com!ze
us.visi.com!news-out.visi.com!petbe.visi.com!newsfeed2.dallas1.leve l3.net!ne
ws.level3.com!postnews1.google.com!not-for-mailmicrosoft.public.dotnet.framework.aspnet.security: 7783>Xref: cpmsftngxa06.phx.gblnews:<6KI1yNtsDHA.3428@cpmsftngxa07.phx.gbl>...>X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
>
>Can you not redirect to a custom error page for 401 errors? I see you
>can redirect for the different 401 errors in IIS, but it does not seem
>to work for every case. It looks like the Error 401.3 is created by a
>.NET process. Is there a way to bypass .NET catching the error?
>
>Thanks,
>Eric
>
>
>jamesche@online.microsoft.com (Jim Cheshire [MSFT]) wrote in messagethat>> Dave,
>>
>> You cannot catch this with ASP.NET. Our spec for ASP.NET 1.0/1.1 ischanged>> only 403, 404, and 500 errors are valid for customErrors. We havein>> that for the next version of ASP.NET, and you should be able to do this>>> ASP.NET 2.0.
>>
>> Jim Cheshire, MCSE, MCSD [MSFT]
>> Developer Support
>> ASP.NET
>> [email]jamesche@online.microsoft.com[/email]
>>
>> This post is provided as-is with no warranties and confers no rights.
>>
>> -------------------->> <6CkFOwfrDHA.2464@cpmsftngxa06.phx.gbl>>> >Content-Class: urn:content-classes:message
>> >From: "Dave" <anonymous@discussions.microsoft.com>
>> >Sender: "Dave" <anonymous@discussions.microsoft.com>
>> >References: <018001c3adf3$a0978a90$a101280a@phx.gbl>
>> <014601c3ae0c$9ff59be0$a501280a@phx.gbl>
>> <pyVgyarrDHA.2320@cpmsftngxa07.phx.gbl>>> microsoft.public.dotnet.framework.aspnet.security: 7663>> >Subject: RE: Redirect to default page using Windows Authentication
>> >Date: Mon, 24 Nov 2003 13:06:52 -0800
>> >Lines: 187
>> >Message-ID: <028901c3b2ce$e20a2a70$a501280a@phx.gbl>
>> >MIME-Version: 1.0
>> >Content-Type: text/plain;
>> > charset="iso-8859-1"
>> >Content-Transfer-Encoding: 7bit
>> >X-Newsreader: Microsoft CDO for Windows 2000
>> >X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
>> >Thread-Index: AcOyzuIHne+BPDTwSz+E4bMQPmPxpQ==
>> >Newsgroups: microsoft.public.dotnet.framework.aspnet.security
>> >Path: cpmsftngxa07.phx.gbl
>> >Xref: cpmsftngxa07.phx.gbl>> wininet>> >NNTP-Posting-Host: tk2msftngxa13.phx.gbl 10.40.1.165
>> >X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
>> >
>> >That's just it. I'm not sure where to trap that error.
>> >Initially I thought an HttpModule would be my only
>> >option, but I'm not even sure if the Http Request will
>> >get that far in the pipeline.
>> >
>> >The webserver may get intercept the request and return
>> >that error before I can do any type of redirect on the
>> >backend using asp.net.
>> >
>> >Dave.
>> >
>> >>-----Original Message-----
>> >>Dave,
>> >>
>> >>That's correct. There's no way around that. The way>> requesting does not>> >>authentication works is that if the resource you are>> browser. If the resource>> >>allow anonymous access, a 401 is sent back to the>> browser is configured to>> >>is using Windows Integrated authentication and the>> and the user is>> >>automatically send credentials, the token is sent back>> login prompt is>> >>authenticated. In the case of Basic authentication, a>> hijack the browser's>> >>displayed and the user must log in.
>> >>
>> >>If you intercept the 401 and redirect somewhere, you>> confers no rights.>> >>ability to challenge. There is no way around that.
>> >>
>> >>Jim Cheshire, MCSE, MCSD [MSFT]
>> >>Developer Support
>> >>ASP.NET
>> >>jamesche@online.microsoft.com
>> >>
>> >>This post is provided as-is with no warranties and>> <6CkFOwfrDHA.2464@cpmsftngxa06.phx.gbl>>> >>
>> >>--------------------
>> >>>Content-Class: urn:content-classes:message
>> >>>From: "Dave" <anonymous@discussions.microsoft.com>
>> >>>Sender: "Dave" <anonymous@discussions.microsoft.com>
>> >>>References: <018001c3adf3$a0978a90$a101280a@phx.gbl>>> Authentication>> >>>Subject: RE: Redirect to default page using Windows>> microsoft.public.dotnet.framework.aspnet.security>> >>>Date: Tue, 18 Nov 2003 11:46:14 -0800
>> >>>Lines: 104
>> >>>Message-ID: <014601c3ae0c$9ff59be0$a501280a@phx.gbl>
>> >>>MIME-Version: 1.0
>> >>>Content-Type: text/plain;
>> >>> charset="iso-8859-1"
>> >>>Content-Transfer-Encoding: 7bit
>> >>>X-Newsreader: Microsoft CDO for Windows 2000
>> >>>X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
>> >>>Thread-Index: AcOuDJ/1n4uo2nCoQJyNrXRXUzhJ9Q==
>> >>>Newsgroups:>> microsoft.public.dotnet.framework.aspnet.security: 7618>> >>>Path: cpmsftngxa06.phx.gbl
>> >>>Xref: cpmsftngxa06.phx.gbl>> microsoft.public.dotnet.framework.aspnet.security>> >>>NNTP-Posting-Host: TK2MSFTNGXA13 10.40.1.165
>> >>>X-Tomcat-NG:>> (User.Identity.IsAuthenticated>> >>>
>> >>>Jim,
>> >>>
>> >>>Thanks for the response. I guess I'm not following
>> >>>where I would run the code you mentioned other than the
>> >>>global.asax.
>> >>>
>> >>>I have the following code in there now...
>> >>>
>> >>>protected void Application_AuthenticateRequest(Object
>> >>>sender, EventArgs e)
>> >>> {
>> >>>if ((Request.CurrentExecutionFilePath !
>> >>>= "/MyApp/Index.aspx") &&>> than>> >>>== false))
>> >>> {
>> >>> Response.Redirect("Index.aspx");
>> >>> }
>> >>>}
>> >>>
>> >>>This works on the first attempt to view a page other>> to>> >>>index.aspx but when I try to click on a link that goes>> fired>> >>>a page secured by Basic Auth., the code above gets>> have>> >>>again and redirects me back to index.aspx. I don't>> long>> >>>a chance to enter the login credentials.
>> >>>
>> >>>Dave.
>> >>>
>> >>>>-----Original Message-----
>> >>>>Dave,
>> >>>>
>> >>>>You would have to redirect on the 401 response. As
>> as the connection>> this>> >>>>with IIS is still held in cache (and it should be),
>> should work fine.>> confers no rights.>> >>>>(I haven't tested it, so don't hold me to it.)
>> >>>>
>> >>>>It would look something like this:
>> >>>>
>> >>>>if (HttpResponse.Status == '401 ACCESS DENIED')
>> >>>>{
>> >>>> Response.Redirect('login.aspx');
>> >>>>}
>> >>>>
>> >>>>Jim Cheshire, MCSE, MCSD [MSFT]
>> >>>>Developer Support
>> >>>>ASP.NET
>> >>>>jamesche@online.microsoft.com
>> >>>>
>> >>>>This post is provided as-is with no warranties and>> Authentication>> >>>>
>> >>>>
>> >>>>--------------------
>> >>>>>Content-Class: urn:content-classes:message
>> >>>>>From: "Dave" <anonymous@discussions.microsoft.com>
>> >>>>>Sender: "Dave" <anonymous@discussions.microsoft.com>
>> >>>>>Subject: Redirect to default page using Windows>> V5.50.4910.0300>> >>>>>Date: Tue, 18 Nov 2003 08:47:17 -0800
>> >>>>>Lines: 22
>> >>>>>Message-ID: <018001c3adf3$a0978a90$a101280a@phx.gbl>
>> >>>>>MIME-Version: 1.0
>> >>>>>Content-Type: text/plain;
>> >>>>> charset="iso-8859-1"
>> >>>>>Content-Transfer-Encoding: 7bit
>> >>>>>X-Newsreader: Microsoft CDO for Windows 2000
>> >>>>>Thread-Index: AcOt86CVOxfr0qBrQki1cS1gMBOKEA==
>> >>>>>X-MimeOLE: Produced By Microsoft MimeOLE>> microsoft.public.dotnet.framework.aspnet.security>> >>>>>Newsgroups:>> microsoft.public.dotnet.framework.aspnet.security: 7614>> >>>>>Path: cpmsftngxa06.phx.gbl
>> >>>>>Xref: cpmsftngxa06.phx.gbl>> microsoft.public.dotnet.framework.aspnet.security>> >>>>>NNTP-Posting-Host: TK2MSFTNGXA09 10.40.1.161
>> >>>>>X-Tomcat-NG:>> application>> >>>>>
>> >>>>>Hi,
>> >>>>>
>> >>>>>Is there a way to redirect the user to a default,
>> >>>>>anonymous, welcome or "splash" page for our>> secured>> >>>>>when using Windows authentication with Basic enabled?
>> >>>>>
>> >>>>>In other words, if a user attempts to access a>> to>> >>>>>page directly the first time, they will be redirected>> setting "Favorites">> >>>>>the application's main entry point.
>> >>>>>
>> >>>>>I know this defeats the purpose of>> on>> >>>>>but we want to have updates, news, instructions, etc>> >>>>>this anonymous welcome page so the user can see this
>> >>>>>information. It will then have a link or button that
>> >>>>>states "Click here to login". Ideally, it would take
>> >>>>>them then to the orignal page they wanted.
>> >>>>>
>> >>>>>I know this can be done with Forms authentication.
>> >>>>>
>> >>>>>Thanks, Dave.
>> >>>>>
>> >>>>>
>> >>>>>
>> >>>>
>> >>>>.
>> >>>>
>> >>>
>> >>
>> >>.
>> >>
>> >Jim Cheshire [MSFT] Guest
-
Eric Larsen #11 Re: Redirect to default page using Windows Authentication
Jim
Thanks for the response, but when I configure the Custom Errors for
401;3 in IIS, I still get the the generic message instead of the file
that I set it display. All the other 401 errors go to the file, so I
can not figure out why IIS is not handling 401.3 the way it is setup
for that HTTP Error.
Thanks,
Eric
[email]jamesche@online.microsoft.com[/email] (Jim Cheshire [MSFT]) wrote in message news:<wLpyg$PuDHA.1272@cpmsftngxa06.phx.gbl>...> Eric,
>
> No, you cannot. IIS handles that before ASP.NET has the opportunity in our
> current architecture.
>
> Jim Cheshire, MCSE, MCSD [MSFT]
> Developer Support
> ASP.NET
> [email]jamesche@online.microsoft.com[/email]
>
> This post is provided as-is with no warranties and confers no rights.
>
> --------------------> <6CkFOwfrDHA.2464@cpmsftngxa06.phx.gbl>> >From: [email]elarsen70@yahoo.com[/email] (Eric Larsen)
> >Newsgroups: microsoft.public.dotnet.framework.aspnet.security
> >Subject: Re: Redirect to default page using Windows Authentication
> >Date: 1 Dec 2003 12:58:26 -0800
> >Organization: [url]http://groups.google.com[/url]
> >Lines: 238
> >Message-ID: <61ab5a70.0312011258.1055e5bd@posting.google.com >
> >References: <018001c3adf3$a0978a90$a101280a@phx.gbl>
> <014601c3ae0c$9ff59be0$a501280a@phx.gbl>
> <pyVgyarrDHA.2320@cpmsftngxa07.phx.gbl>
> <028901c3b2ce$e20a2a70$a501280a@phx.gbl>
> <6KI1yNtsDHA.3428@cpmsftngxa07.phx.gbl>> 20:58:27 GMT)> >NNTP-Posting-Host: 167.218.156.60
> >Content-Type: text/plain; charset=ISO-8859-1
> >Content-Transfer-Encoding: 8bit
> >X-Trace: posting.google.com 1070312307 30279 127.0.0.1 (1 Dec 2003> cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfeed 00.sul.t-online.de!t-onlin> >X-Complaints-To: [email]groups-abuse@google.com[/email]
> >NNTP-Posting-Date: Mon, 1 Dec 2003 20:58:27 +0000 (UTC)
> >Path:
> e.de!peernews3.colt.net!news0.de.colt.net!eusc.int er.net!priapus.visi.com!ze
> us.visi.com!news-out.visi.com!petbe.visi.com!newsfeed2.dallas1.leve l3.net!ne
> ws.level3.com!postnews1.google.com!not-for-mail> microsoft.public.dotnet.framework.aspnet.security: 7783> >Xref: cpmsftngxa06.phx.gbl> news:<6KI1yNtsDHA.3428@cpmsftngxa07.phx.gbl>...> >X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
> >
> >Can you not redirect to a custom error page for 401 errors? I see you
> >can redirect for the different 401 errors in IIS, but it does not seem
> >to work for every case. It looks like the Error 401.3 is created by a
> >.NET process. Is there a way to bypass .NET catching the error?
> >
> >Thanks,
> >Eric
> >
> >
> >jamesche@online.microsoft.com (Jim Cheshire [MSFT]) wrote in message> that> >> Dave,
> >>
> >> You cannot catch this with ASP.NET. Our spec for ASP.NET 1.0/1.1 is> changed> >> only 403, 404, and 500 errors are valid for customErrors. We have> in> >> that for the next version of ASP.NET, and you should be able to do this> microsoft.public.dotnet.framework.aspnet.security: 7663> >> ASP.NET 2.0.
> >>
> >> Jim Cheshire, MCSE, MCSD [MSFT]
> >> Developer Support
> >> ASP.NET
> >> [email]jamesche@online.microsoft.com[/email]
> >>
> >> This post is provided as-is with no warranties and confers no rights.
> >>
> >> --------------------
> >> >Content-Class: urn:content-classes:message
> >> >From: "Dave" <anonymous@discussions.microsoft.com>
> >> >Sender: "Dave" <anonymous@discussions.microsoft.com>
> >> >References: <018001c3adf3$a0978a90$a101280a@phx.gbl>
> >> <6CkFOwfrDHA.2464@cpmsftngxa06.phx.gbl>
> >> <014601c3ae0c$9ff59be0$a501280a@phx.gbl>
> >> <pyVgyarrDHA.2320@cpmsftngxa07.phx.gbl>
> >> >Subject: RE: Redirect to default page using Windows Authentication
> >> >Date: Mon, 24 Nov 2003 13:06:52 -0800
> >> >Lines: 187
> >> >Message-ID: <028901c3b2ce$e20a2a70$a501280a@phx.gbl>
> >> >MIME-Version: 1.0
> >> >Content-Type: text/plain;
> >> > charset="iso-8859-1"
> >> >Content-Transfer-Encoding: 7bit
> >> >X-Newsreader: Microsoft CDO for Windows 2000
> >> >X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
> >> >Thread-Index: AcOyzuIHne+BPDTwSz+E4bMQPmPxpQ==
> >> >Newsgroups: microsoft.public.dotnet.framework.aspnet.security
> >> >Path: cpmsftngxa07.phx.gbl
> >> >Xref: cpmsftngxa07.phx.gbl> wininet> >> >NNTP-Posting-Host: tk2msftngxa13.phx.gbl 10.40.1.165
> >> >X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
> >> >
> >> >That's just it. I'm not sure where to trap that error.
> >> >Initially I thought an HttpModule would be my only
> >> >option, but I'm not even sure if the Http Request will
> >> >get that far in the pipeline.
> >> >
> >> >The webserver may get intercept the request and return
> >> >that error before I can do any type of redirect on the
> >> >backend using asp.net.
> >> >
> >> >Dave.
> >> >
> >> >>-----Original Message-----
> >> >>Dave,
> >> >>
> >> >>That's correct. There's no way around that. The way> requesting does not> >> >>authentication works is that if the resource you are> browser. If the resource> >> >>allow anonymous access, a 401 is sent back to the> browser is configured to> >> >>is using Windows Integrated authentication and the> and the user is> >> >>automatically send credentials, the token is sent back> login prompt is> >> >>authenticated. In the case of Basic authentication, a> hijack the browser's> >> >>displayed and the user must log in.
> >> >>
> >> >>If you intercept the 401 and redirect somewhere, you> confers no rights.> >> >>ability to challenge. There is no way around that.
> >> >>
> >> >>Jim Cheshire, MCSE, MCSD [MSFT]
> >> >>Developer Support
> >> >>ASP.NET
> >> >>jamesche@online.microsoft.com
> >> >>
> >> >>This post is provided as-is with no warranties and> <6CkFOwfrDHA.2464@cpmsftngxa06.phx.gbl>> >> >>
> >> >>--------------------
> >> >>>Content-Class: urn:content-classes:message
> >> >>>From: "Dave" <anonymous@discussions.microsoft.com>
> >> >>>Sender: "Dave" <anonymous@discussions.microsoft.com>
> >> >>>References: <018001c3adf3$a0978a90$a101280a@phx.gbl>> Authentication> >> >>>Subject: RE: Redirect to default page using Windows> microsoft.public.dotnet.framework.aspnet.security> >> >>>Date: Tue, 18 Nov 2003 11:46:14 -0800
> >> >>>Lines: 104
> >> >>>Message-ID: <014601c3ae0c$9ff59be0$a501280a@phx.gbl>
> >> >>>MIME-Version: 1.0
> >> >>>Content-Type: text/plain;
> >> >>> charset="iso-8859-1"
> >> >>>Content-Transfer-Encoding: 7bit
> >> >>>X-Newsreader: Microsoft CDO for Windows 2000
> >> >>>X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
> >> >>>Thread-Index: AcOuDJ/1n4uo2nCoQJyNrXRXUzhJ9Q==
> >> >>>Newsgroups:> microsoft.public.dotnet.framework.aspnet.security: 7618> >> >>>Path: cpmsftngxa06.phx.gbl
> >> >>>Xref: cpmsftngxa06.phx.gbl> microsoft.public.dotnet.framework.aspnet.security> >> >>>NNTP-Posting-Host: TK2MSFTNGXA13 10.40.1.165
> >> >>>X-Tomcat-NG:> (User.Identity.IsAuthenticated> >> >>>
> >> >>>Jim,
> >> >>>
> >> >>>Thanks for the response. I guess I'm not following
> >> >>>where I would run the code you mentioned other than the
> >> >>>global.asax.
> >> >>>
> >> >>>I have the following code in there now...
> >> >>>
> >> >>>protected void Application_AuthenticateRequest(Object
> >> >>>sender, EventArgs e)
> >> >>> {
> >> >>>if ((Request.CurrentExecutionFilePath !
> >> >>>= "/MyApp/Index.aspx") &&> than> >> >>>== false))
> >> >>> {
> >> >>> Response.Redirect("Index.aspx");
> >> >>> }
> >> >>>}
> >> >>>
> >> >>>This works on the first attempt to view a page other> to> >> >>>index.aspx but when I try to click on a link that goes> fired> >> >>>a page secured by Basic Auth., the code above gets> have> >> >>>again and redirects me back to index.aspx. I don't> confers no rights.> >> >>>a chance to enter the login credentials.
> >> >>>
> >> >>>Dave.
> >> >>>
> >> >>>>-----Original Message-----
> >> >>>>Dave,
> >> >>>>
> >> >>>>You would have to redirect on the 401 response. As
> >> long
> >> as the connection
> >> >>>>with IIS is still held in cache (and it should be),
> >> this
> >> should work fine.
> >> >>>>(I haven't tested it, so don't hold me to it.)
> >> >>>>
> >> >>>>It would look something like this:
> >> >>>>
> >> >>>>if (HttpResponse.Status == '401 ACCESS DENIED')
> >> >>>>{
> >> >>>> Response.Redirect('login.aspx');
> >> >>>>}
> >> >>>>
> >> >>>>Jim Cheshire, MCSE, MCSD [MSFT]
> >> >>>>Developer Support
> >> >>>>ASP.NET
> >> >>>>jamesche@online.microsoft.com
> >> >>>>
> >> >>>>This post is provided as-is with no warranties and> Authentication> >> >>>>
> >> >>>>
> >> >>>>--------------------
> >> >>>>>Content-Class: urn:content-classes:message
> >> >>>>>From: "Dave" <anonymous@discussions.microsoft.com>
> >> >>>>>Sender: "Dave" <anonymous@discussions.microsoft.com>
> >> >>>>>Subject: Redirect to default page using Windows> V5.50.4910.0300> >> >>>>>Date: Tue, 18 Nov 2003 08:47:17 -0800
> >> >>>>>Lines: 22
> >> >>>>>Message-ID: <018001c3adf3$a0978a90$a101280a@phx.gbl>
> >> >>>>>MIME-Version: 1.0
> >> >>>>>Content-Type: text/plain;
> >> >>>>> charset="iso-8859-1"
> >> >>>>>Content-Transfer-Encoding: 7bit
> >> >>>>>X-Newsreader: Microsoft CDO for Windows 2000
> >> >>>>>Thread-Index: AcOt86CVOxfr0qBrQki1cS1gMBOKEA==
> >> >>>>>X-MimeOLE: Produced By Microsoft MimeOLE> microsoft.public.dotnet.framework.aspnet.security> >> >>>>>Newsgroups:> microsoft.public.dotnet.framework.aspnet.security: 7614> >> >>>>>Path: cpmsftngxa06.phx.gbl
> >> >>>>>Xref: cpmsftngxa06.phx.gbl> microsoft.public.dotnet.framework.aspnet.security> >> >>>>>NNTP-Posting-Host: TK2MSFTNGXA09 10.40.1.161
> >> >>>>>X-Tomcat-NG:> application> >> >>>>>
> >> >>>>>Hi,
> >> >>>>>
> >> >>>>>Is there a way to redirect the user to a default,
> >> >>>>>anonymous, welcome or "splash" page for our> secured> >> >>>>>when using Windows authentication with Basic enabled?
> >> >>>>>
> >> >>>>>In other words, if a user attempts to access a> to> >> >>>>>page directly the first time, they will be redirected> setting "Favorites"> >> >>>>>the application's main entry point.
> >> >>>>>
> >> >>>>>I know this defeats the purpose of> on> >> >>>>>but we want to have updates, news, instructions, etc> >> >> >>>>>this anonymous welcome page so the user can see this
> >> >>>>>information. It will then have a link or button that
> >> >>>>>states "Click here to login". Ideally, it would take
> >> >>>>>them then to the orignal page they wanted.
> >> >>>>>
> >> >>>>>I know this can be done with Forms authentication.
> >> >>>>>
> >> >>>>>Thanks, Dave.
> >> >>>>>
> >> >>>>>
> >> >>>>>
> >> >>>>
> >> >>>>.
> >> >>>>
> >> >>>
> >> >>
> >> >>.
> >> >>
> >> >Eric Larsen Guest
-
Jim Cheshire [MSFT] #12 Re: Redirect to default page using Windows Authentication
Eric,
I'm afraid I don't know about that. I specialize in ASP.NET. You should
probably post in those groups.
Jim Cheshire, MCSE, MCSD [MSFT]
Developer Support
ASP.NET
[email]jamesche@online.microsoft.com[/email]
This post is provided as-is with no warranties and confers no rights.
--------------------<6CkFOwfrDHA.2464@cpmsftngxa06.phx.gbl>>From: [email]elarsen70@yahoo.com[/email] (Eric Larsen)
>Newsgroups: microsoft.public.dotnet.framework.aspnet.security
>Subject: Re: Redirect to default page using Windows Authentication
>Date: 5 Dec 2003 11:26:32 -0800
>Organization: [url]http://groups.google.com[/url]
>Lines: 297
>Message-ID: <61ab5a70.0312051126.108b2e99@posting.google.com >
>References: <018001c3adf3$a0978a90$a101280a@phx.gbl>
<014601c3ae0c$9ff59be0$a501280a@phx.gbl>
<pyVgyarrDHA.2320@cpmsftngxa07.phx.gbl>
<028901c3b2ce$e20a2a70$a501280a@phx.gbl>
<6KI1yNtsDHA.3428@cpmsftngxa07.phx.gbl>
<61ab5a70.0312011258.1055e5bd@posting.google.com >
<wLpyg$PuDHA.1272@cpmsftngxa06.phx.gbl>19:26:32 GMT)>NNTP-Posting-Host: 167.218.156.230
>Content-Type: text/plain; charset=ISO-8859-1
>Content-Transfer-Encoding: 8bit
>X-Trace: posting.google.com 1070652392 15234 127.0.0.1 (5 Dec 2003cpmsftngxa07.phx.gbl!cpmsftngxa06.phx.gbl!TK2MSFTN GP08.phx.gbl!newsfeed00.su>X-Complaints-To: [email]groups-abuse@google.com[/email]
>NNTP-Posting-Date: Fri, 5 Dec 2003 19:26:32 +0000 (UTC)
>Path:
l.t-online.de!t-online.de!news-spur1.maxwell.syr.edu!news.maxwell.syr.edu!po
stnews1.google.com!not-for-mailmicrosoft.public.dotnet.framework.aspnet.security: 7785>Xref: cpmsftngxa07.phx.gblnews:<wLpyg$PuDHA.1272@cpmsftngxa06.phx.gbl>...>X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
>
>Jim
>
>Thanks for the response, but when I configure the Custom Errors for
>401;3 in IIS, I still get the the generic message instead of the file
>that I set it display. All the other 401 errors go to the file, so I
>can not figure out why IIS is not handling 401.3 the way it is setup
>for that HTTP Error.
>
>Thanks,
>Eric
>
>jamesche@online.microsoft.com (Jim Cheshire [MSFT]) wrote in messageour>> Eric,
>>
>> No, you cannot. IIS handles that before ASP.NET has the opportunity incpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfeed 00.sul.t-online.de!t-onlin>> current architecture.
>>
>> Jim Cheshire, MCSE, MCSD [MSFT]
>> Developer Support
>> ASP.NET
>> [email]jamesche@online.microsoft.com[/email]
>>
>> This post is provided as-is with no warranties and confers no rights.
>>
>> -------------------->> <6CkFOwfrDHA.2464@cpmsftngxa06.phx.gbl>>> >From: [email]elarsen70@yahoo.com[/email] (Eric Larsen)
>> >Newsgroups: microsoft.public.dotnet.framework.aspnet.security
>> >Subject: Re: Redirect to default page using Windows Authentication
>> >Date: 1 Dec 2003 12:58:26 -0800
>> >Organization: [url]http://groups.google.com[/url]
>> >Lines: 238
>> >Message-ID: <61ab5a70.0312011258.1055e5bd@posting.google.com >
>> >References: <018001c3adf3$a0978a90$a101280a@phx.gbl>
>> <014601c3ae0c$9ff59be0$a501280a@phx.gbl>
>> <pyVgyarrDHA.2320@cpmsftngxa07.phx.gbl>
>> <028901c3b2ce$e20a2a70$a501280a@phx.gbl>
>> <6KI1yNtsDHA.3428@cpmsftngxa07.phx.gbl>>> 20:58:27 GMT)>> >NNTP-Posting-Host: 167.218.156.60
>> >Content-Type: text/plain; charset=ISO-8859-1
>> >Content-Transfer-Encoding: 8bit
>> >X-Trace: posting.google.com 1070312307 30279 127.0.0.1 (1 Dec 2003>>>> >X-Complaints-To: [email]groups-abuse@google.com[/email]
>> >NNTP-Posting-Date: Mon, 1 Dec 2003 20:58:27 +0000 (UTC)
>> >Path:e.de!peernews3.colt.net!news0.de.colt.net!eusc.int er.net!priapus.visi.com!ze>>us.visi.com!news-out.visi.com!petbe.visi.com!newsfeed2.dallas1.leve l3.net!ne>>this>> ws.level3.com!postnews1.google.com!not-for-mail>> microsoft.public.dotnet.framework.aspnet.security: 7783>> >Xref: cpmsftngxa06.phx.gbl>> news:<6KI1yNtsDHA.3428@cpmsftngxa07.phx.gbl>...>> >X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
>> >
>> >Can you not redirect to a custom error page for 401 errors? I see you
>> >can redirect for the different 401 errors in IIS, but it does not seem
>> >to work for every case. It looks like the Error 401.3 is created by a
>> >.NET process. Is there a way to bypass .NET catching the error?
>> >
>> >Thanks,
>> >Eric
>> >
>> >
>> >jamesche@online.microsoft.com (Jim Cheshire [MSFT]) wrote in message>> that>> >> Dave,
>> >>
>> >> You cannot catch this with ASP.NET. Our spec for ASP.NET 1.0/1.1 is>> changed>> >> only 403, 404, and 500 errors are valid for customErrors. We have>> >> that for the next version of ASP.NET, and you should be able to do>>> in>> microsoft.public.dotnet.framework.aspnet.security: 7663>> >> ASP.NET 2.0.
>> >>
>> >> Jim Cheshire, MCSE, MCSD [MSFT]
>> >> Developer Support
>> >> ASP.NET
>> >> [email]jamesche@online.microsoft.com[/email]
>> >>
>> >> This post is provided as-is with no warranties and confers no rights.
>> >>
>> >> --------------------
>> >> >Content-Class: urn:content-classes:message
>> >> >From: "Dave" <anonymous@discussions.microsoft.com>
>> >> >Sender: "Dave" <anonymous@discussions.microsoft.com>
>> >> >References: <018001c3adf3$a0978a90$a101280a@phx.gbl>
>> >> <6CkFOwfrDHA.2464@cpmsftngxa06.phx.gbl>
>> >> <014601c3ae0c$9ff59be0$a501280a@phx.gbl>
>> >> <pyVgyarrDHA.2320@cpmsftngxa07.phx.gbl>
>> >> >Subject: RE: Redirect to default page using Windows Authentication
>> >> >Date: Mon, 24 Nov 2003 13:06:52 -0800
>> >> >Lines: 187
>> >> >Message-ID: <028901c3b2ce$e20a2a70$a501280a@phx.gbl>
>> >> >MIME-Version: 1.0
>> >> >Content-Type: text/plain;
>> >> > charset="iso-8859-1"
>> >> >Content-Transfer-Encoding: 7bit
>> >> >X-Newsreader: Microsoft CDO for Windows 2000
>> >> >X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
>> >> >Thread-Index: AcOyzuIHne+BPDTwSz+E4bMQPmPxpQ==
>> >> >Newsgroups: microsoft.public.dotnet.framework.aspnet.security
>> >> >Path: cpmsftngxa07.phx.gbl
>> >> >Xref: cpmsftngxa07.phx.gbl>> wininet>> >> >NNTP-Posting-Host: tk2msftngxa13.phx.gbl 10.40.1.165
>> >> >X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
>> >> >
>> >> >That's just it. I'm not sure where to trap that error.
>> >> >Initially I thought an HttpModule would be my only
>> >> >option, but I'm not even sure if the Http Request will
>> >> >get that far in the pipeline.
>> >> >
>> >> >The webserver may get intercept the request and return
>> >> >that error before I can do any type of redirect on the
>> >> >backend using asp.net.
>> >> >
>> >> >Dave.
>> >> >
>> >> >>-----Original Message-----
>> >> >>Dave,
>> >> >>
>> >> >>That's correct. There's no way around that. The way>> requesting does not>> >> >>authentication works is that if the resource you are>> browser. If the resource>> >> >>allow anonymous access, a 401 is sent back to the>> browser is configured to>> >> >>is using Windows Integrated authentication and the>> and the user is>> >> >>automatically send credentials, the token is sent back>> login prompt is>> >> >>authenticated. In the case of Basic authentication, a>> hijack the browser's>> >> >>displayed and the user must log in.
>> >> >>
>> >> >>If you intercept the 401 and redirect somewhere, you>> confers no rights.>> >> >>ability to challenge. There is no way around that.
>> >> >>
>> >> >>Jim Cheshire, MCSE, MCSD [MSFT]
>> >> >>Developer Support
>> >> >>ASP.NET
>> >> >>jamesche@online.microsoft.com
>> >> >>
>> >> >>This post is provided as-is with no warranties and>> <6CkFOwfrDHA.2464@cpmsftngxa06.phx.gbl>>> >> >>
>> >> >>--------------------
>> >> >>>Content-Class: urn:content-classes:message
>> >> >>>From: "Dave" <anonymous@discussions.microsoft.com>
>> >> >>>Sender: "Dave" <anonymous@discussions.microsoft.com>
>> >> >>>References: <018001c3adf3$a0978a90$a101280a@phx.gbl>>> Authentication>> >> >>>Subject: RE: Redirect to default page using Windows>> microsoft.public.dotnet.framework.aspnet.security>> >> >>>Date: Tue, 18 Nov 2003 11:46:14 -0800
>> >> >>>Lines: 104
>> >> >>>Message-ID: <014601c3ae0c$9ff59be0$a501280a@phx.gbl>
>> >> >>>MIME-Version: 1.0
>> >> >>>Content-Type: text/plain;
>> >> >>> charset="iso-8859-1"
>> >> >>>Content-Transfer-Encoding: 7bit
>> >> >>>X-Newsreader: Microsoft CDO for Windows 2000
>> >> >>>X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
>> >> >>>Thread-Index: AcOuDJ/1n4uo2nCoQJyNrXRXUzhJ9Q==
>> >> >>>Newsgroups:>> microsoft.public.dotnet.framework.aspnet.security: 7618>> >> >>>Path: cpmsftngxa06.phx.gbl
>> >> >>>Xref: cpmsftngxa06.phx.gbl>> microsoft.public.dotnet.framework.aspnet.security>> >> >>>NNTP-Posting-Host: TK2MSFTNGXA13 10.40.1.165
>> >> >>>X-Tomcat-NG:>> (User.Identity.IsAuthenticated>> >> >>>
>> >> >>>Jim,
>> >> >>>
>> >> >>>Thanks for the response. I guess I'm not following
>> >> >>>where I would run the code you mentioned other than the
>> >> >>>global.asax.
>> >> >>>
>> >> >>>I have the following code in there now...
>> >> >>>
>> >> >>>protected void Application_AuthenticateRequest(Object
>> >> >>>sender, EventArgs e)
>> >> >>> {
>> >> >>>if ((Request.CurrentExecutionFilePath !
>> >> >>>= "/MyApp/Index.aspx") &&>> than>> >> >>>== false))
>> >> >>> {
>> >> >>> Response.Redirect("Index.aspx");
>> >> >>> }
>> >> >>>}
>> >> >>>
>> >> >>>This works on the first attempt to view a page other>> to>> >> >>>index.aspx but when I try to click on a link that goes>> fired>> >> >>>a page secured by Basic Auth., the code above gets>> have>> >> >>>again and redirects me back to index.aspx. I don't>> confers no rights.>> >> >>>a chance to enter the login credentials.
>> >> >>>
>> >> >>>Dave.
>> >> >>>
>> >> >>>>-----Original Message-----
>> >> >>>>Dave,
>> >> >>>>
>> >> >>>>You would have to redirect on the 401 response. As
>> >> long
>> >> as the connection
>> >> >>>>with IIS is still held in cache (and it should be),
>> >> this
>> >> should work fine.
>> >> >>>>(I haven't tested it, so don't hold me to it.)
>> >> >>>>
>> >> >>>>It would look something like this:
>> >> >>>>
>> >> >>>>if (HttpResponse.Status == '401 ACCESS DENIED')
>> >> >>>>{
>> >> >>>> Response.Redirect('login.aspx');
>> >> >>>>}
>> >> >>>>
>> >> >>>>Jim Cheshire, MCSE, MCSD [MSFT]
>> >> >>>>Developer Support
>> >> >>>>ASP.NET
>> >> >>>>jamesche@online.microsoft.com
>> >> >>>>
>> >> >>>>This post is provided as-is with no warranties and>> Authentication>> >> >>>>
>> >> >>>>
>> >> >>>>--------------------
>> >> >>>>>Content-Class: urn:content-classes:message
>> >> >>>>>From: "Dave" <anonymous@discussions.microsoft.com>
>> >> >>>>>Sender: "Dave" <anonymous@discussions.microsoft.com>
>> >> >>>>>Subject: Redirect to default page using Windows>> V5.50.4910.0300>> >> >>>>>Date: Tue, 18 Nov 2003 08:47:17 -0800
>> >> >>>>>Lines: 22
>> >> >>>>>Message-ID: <018001c3adf3$a0978a90$a101280a@phx.gbl>
>> >> >>>>>MIME-Version: 1.0
>> >> >>>>>Content-Type: text/plain;
>> >> >>>>> charset="iso-8859-1"
>> >> >>>>>Content-Transfer-Encoding: 7bit
>> >> >>>>>X-Newsreader: Microsoft CDO for Windows 2000
>> >> >>>>>Thread-Index: AcOt86CVOxfr0qBrQki1cS1gMBOKEA==
>> >> >>>>>X-MimeOLE: Produced By Microsoft MimeOLE>> microsoft.public.dotnet.framework.aspnet.security>> >> >>>>>Newsgroups:>> microsoft.public.dotnet.framework.aspnet.security: 7614>> >> >>>>>Path: cpmsftngxa06.phx.gbl
>> >> >>>>>Xref: cpmsftngxa06.phx.gbl>> microsoft.public.dotnet.framework.aspnet.security>> >> >>>>>NNTP-Posting-Host: TK2MSFTNGXA09 10.40.1.161
>> >> >>>>>X-Tomcat-NG:>> application>> >> >>>>>
>> >> >>>>>Hi,
>> >> >>>>>
>> >> >>>>>Is there a way to redirect the user to a default,
>> >> >>>>>anonymous, welcome or "splash" page for our>> secured>> >> >>>>>when using Windows authentication with Basic enabled?
>> >> >>>>>
>> >> >>>>>In other words, if a user attempts to access a>> to>> >> >>>>>page directly the first time, they will be redirected>> setting "Favorites">> >> >>>>>the application's main entry point.
>> >> >>>>>
>> >> >>>>>I know this defeats the purpose of>> on>> >> >>>>>but we want to have updates, news, instructions, etc>> >> >>>>>this anonymous welcome page so the user can see this
>> >> >>>>>information. It will then have a link or button that
>> >> >>>>>states "Click here to login". Ideally, it would take
>> >> >>>>>them then to the orignal page they wanted.
>> >> >>>>>
>> >> >>>>>I know this can be done with Forms authentication.
>> >> >>>>>
>> >> >>>>>Thanks, Dave.
>> >> >>>>>
>> >> >>>>>
>> >> >>>>>
>> >> >>>>
>> >> >>>>.
>> >> >>>>
>> >> >>>
>> >> >>
>> >> >>.
>> >> >>
>> >> >
>> >Jim Cheshire [MSFT] Guest
-
Eric Larsen #13 Re: Redirect to default page using Windows Authentication
Jim
I will post a message in a IIS group, but I think this is a ASP.NET
problem. If I try and access a html file, the redirect works fine, it
is only when I am trying to access an aspx file that I get the 401.3
error page.
Thanks,
Eric
[email]jamesche@online.microsoft.com[/email] (Jim Cheshire [MSFT]) wrote in message news:<zTCWPE3uDHA.2212@cpmsftngxa07.phx.gbl>...> Eric,
>
> I'm afraid I don't know about that. I specialize in ASP.NET. You should
> probably post in those groups.
>
> Jim Cheshire, MCSE, MCSD [MSFT]
> Developer Support
> ASP.NET
> [email]jamesche@online.microsoft.com[/email]
>
> This post is provided as-is with no warranties and confers no rights.
>
> --------------------> <6CkFOwfrDHA.2464@cpmsftngxa06.phx.gbl>> >From: [email]elarsen70@yahoo.com[/email] (Eric Larsen)
> >Newsgroups: microsoft.public.dotnet.framework.aspnet.security
> >Subject: Re: Redirect to default page using Windows Authentication
> >Date: 5 Dec 2003 11:26:32 -0800
> >Organization: [url]http://groups.google.com[/url]
> >Lines: 297
> >Message-ID: <61ab5a70.0312051126.108b2e99@posting.google.com >
> >References: <018001c3adf3$a0978a90$a101280a@phx.gbl>
> <014601c3ae0c$9ff59be0$a501280a@phx.gbl>
> <pyVgyarrDHA.2320@cpmsftngxa07.phx.gbl>
> <028901c3b2ce$e20a2a70$a501280a@phx.gbl>
> <6KI1yNtsDHA.3428@cpmsftngxa07.phx.gbl>
> <61ab5a70.0312011258.1055e5bd@posting.google.com >
> <wLpyg$PuDHA.1272@cpmsftngxa06.phx.gbl>> 19:26:32 GMT)> >NNTP-Posting-Host: 167.218.156.230
> >Content-Type: text/plain; charset=ISO-8859-1
> >Content-Transfer-Encoding: 8bit
> >X-Trace: posting.google.com 1070652392 15234 127.0.0.1 (5 Dec 2003> cpmsftngxa07.phx.gbl!cpmsftngxa06.phx.gbl!TK2MSFTN GP08.phx.gbl!newsfeed00.su> >X-Complaints-To: [email]groups-abuse@google.com[/email]
> >NNTP-Posting-Date: Fri, 5 Dec 2003 19:26:32 +0000 (UTC)
> >Path:
> l.t-online.de!t-online.de!news-spur1.maxwell.syr.edu!news.maxwell.syr.edu!po
> stnews1.google.com!not-for-mail> microsoft.public.dotnet.framework.aspnet.security: 7785> >Xref: cpmsftngxa07.phx.gbl> news:<wLpyg$PuDHA.1272@cpmsftngxa06.phx.gbl>...> >X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
> >
> >Jim
> >
> >Thanks for the response, but when I configure the Custom Errors for
> >401;3 in IIS, I still get the the generic message instead of the file
> >that I set it display. All the other 401 errors go to the file, so I
> >can not figure out why IIS is not handling 401.3 the way it is setup
> >for that HTTP Error.
> >
> >Thanks,
> >Eric
> >
> >jamesche@online.microsoft.com (Jim Cheshire [MSFT]) wrote in message> our> >> Eric,
> >>
> >> No, you cannot. IIS handles that before ASP.NET has the opportunity in> 20:58:27 GMT)> >> current architecture.
> >>
> >> Jim Cheshire, MCSE, MCSD [MSFT]
> >> Developer Support
> >> ASP.NET
> >> [email]jamesche@online.microsoft.com[/email]
> >>
> >> This post is provided as-is with no warranties and confers no rights.
> >>
> >> --------------------
> >> >From: [email]elarsen70@yahoo.com[/email] (Eric Larsen)
> >> >Newsgroups: microsoft.public.dotnet.framework.aspnet.security
> >> >Subject: Re: Redirect to default page using Windows Authentication
> >> >Date: 1 Dec 2003 12:58:26 -0800
> >> >Organization: [url]http://groups.google.com[/url]
> >> >Lines: 238
> >> >Message-ID: <61ab5a70.0312011258.1055e5bd@posting.google.com >
> >> >References: <018001c3adf3$a0978a90$a101280a@phx.gbl>
> >> <6CkFOwfrDHA.2464@cpmsftngxa06.phx.gbl>
> >> <014601c3ae0c$9ff59be0$a501280a@phx.gbl>
> >> <pyVgyarrDHA.2320@cpmsftngxa07.phx.gbl>
> >> <028901c3b2ce$e20a2a70$a501280a@phx.gbl>
> >> <6KI1yNtsDHA.3428@cpmsftngxa07.phx.gbl>
> >> >NNTP-Posting-Host: 167.218.156.60
> >> >Content-Type: text/plain; charset=ISO-8859-1
> >> >Content-Transfer-Encoding: 8bit
> >> >X-Trace: posting.google.com 1070312307 30279 127.0.0.1 (1 Dec 2003> cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfeed 00.sul.t-online.de!t-onlin> >> >X-Complaints-To: [email]groups-abuse@google.com[/email]
> >> >NNTP-Posting-Date: Mon, 1 Dec 2003 20:58:27 +0000 (UTC)
> >> >Path:
> >>> e.de!peernews3.colt.net!news0.de.colt.net!eusc.int er.net!priapus.visi.com!ze> >>> us.visi.com!news-out.visi.com!petbe.visi.com!newsfeed2.dallas1.leve l3.net!ne> >>> microsoft.public.dotnet.framework.aspnet.security: 7783> >> ws.level3.com!postnews1.google.com!not-for-mail
> >> >Xref: cpmsftngxa06.phx.gbl> news:<6KI1yNtsDHA.3428@cpmsftngxa07.phx.gbl>...> >> >X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
> >> >
> >> >Can you not redirect to a custom error page for 401 errors? I see you
> >> >can redirect for the different 401 errors in IIS, but it does not seem
> >> >to work for every case. It looks like the Error 401.3 is created by a
> >> >.NET process. Is there a way to bypass .NET catching the error?
> >> >
> >> >Thanks,
> >> >Eric
> >> >
> >> >
> >> >jamesche@online.microsoft.com (Jim Cheshire [MSFT]) wrote in message> that> >> >> Dave,
> >> >>
> >> >> You cannot catch this with ASP.NET. Our spec for ASP.NET 1.0/1.1 is> changed> >> >> only 403, 404, and 500 errors are valid for customErrors. We have> this> >> >> that for the next version of ASP.NET, and you should be able to do
> in> microsoft.public.dotnet.framework.aspnet.security: 7663> >> >> ASP.NET 2.0.
> >> >>
> >> >> Jim Cheshire, MCSE, MCSD [MSFT]
> >> >> Developer Support
> >> >> ASP.NET
> >> >> [email]jamesche@online.microsoft.com[/email]
> >> >>
> >> >> This post is provided as-is with no warranties and confers no rights.
> >> >>
> >> >> --------------------
> >> >> >Content-Class: urn:content-classes:message
> >> >> >From: "Dave" <anonymous@discussions.microsoft.com>
> >> >> >Sender: "Dave" <anonymous@discussions.microsoft.com>
> >> >> >References: <018001c3adf3$a0978a90$a101280a@phx.gbl>
> >> >> <6CkFOwfrDHA.2464@cpmsftngxa06.phx.gbl>
> >> >> <014601c3ae0c$9ff59be0$a501280a@phx.gbl>
> >> >> <pyVgyarrDHA.2320@cpmsftngxa07.phx.gbl>
> >> >> >Subject: RE: Redirect to default page using Windows Authentication
> >> >> >Date: Mon, 24 Nov 2003 13:06:52 -0800
> >> >> >Lines: 187
> >> >> >Message-ID: <028901c3b2ce$e20a2a70$a501280a@phx.gbl>
> >> >> >MIME-Version: 1.0
> >> >> >Content-Type: text/plain;
> >> >> > charset="iso-8859-1"
> >> >> >Content-Transfer-Encoding: 7bit
> >> >> >X-Newsreader: Microsoft CDO for Windows 2000
> >> >> >X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
> >> >> >Thread-Index: AcOyzuIHne+BPDTwSz+E4bMQPmPxpQ==
> >> >> >Newsgroups: microsoft.public.dotnet.framework.aspnet.security
> >> >> >Path: cpmsftngxa07.phx.gbl
> >> >> >Xref: cpmsftngxa07.phx.gbl> wininet> >> >> >NNTP-Posting-Host: tk2msftngxa13.phx.gbl 10.40.1.165
> >> >> >X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
> >> >> >
> >> >> >That's just it. I'm not sure where to trap that error.
> >> >> >Initially I thought an HttpModule would be my only
> >> >> >option, but I'm not even sure if the Http Request will
> >> >> >get that far in the pipeline.
> >> >> >
> >> >> >The webserver may get intercept the request and return
> >> >> >that error before I can do any type of redirect on the
> >> >> >backend using asp.net.
> >> >> >
> >> >> >Dave.
> >> >> >
> >> >> >>-----Original Message-----
> >> >> >>Dave,
> >> >> >>
> >> >> >>That's correct. There's no way around that. The way> requesting does not> >> >> >>authentication works is that if the resource you are> browser. If the resource> >> >> >>allow anonymous access, a 401 is sent back to the> browser is configured to> >> >> >>is using Windows Integrated authentication and the> and the user is> >> >> >>automatically send credentials, the token is sent back> login prompt is> >> >> >>authenticated. In the case of Basic authentication, a> hijack the browser's> >> >> >>displayed and the user must log in.
> >> >> >>
> >> >> >>If you intercept the 401 and redirect somewhere, you> confers no rights.> >> >> >>ability to challenge. There is no way around that.
> >> >> >>
> >> >> >>Jim Cheshire, MCSE, MCSD [MSFT]
> >> >> >>Developer Support
> >> >> >>ASP.NET
> >> >> >>jamesche@online.microsoft.com
> >> >> >>
> >> >> >>This post is provided as-is with no warranties and> <6CkFOwfrDHA.2464@cpmsftngxa06.phx.gbl>> >> >> >>
> >> >> >>--------------------
> >> >> >>>Content-Class: urn:content-classes:message
> >> >> >>>From: "Dave" <anonymous@discussions.microsoft.com>
> >> >> >>>Sender: "Dave" <anonymous@discussions.microsoft.com>
> >> >> >>>References: <018001c3adf3$a0978a90$a101280a@phx.gbl>> Authentication> >> >> >>>Subject: RE: Redirect to default page using Windows> microsoft.public.dotnet.framework.aspnet.security> >> >> >>>Date: Tue, 18 Nov 2003 11:46:14 -0800
> >> >> >>>Lines: 104
> >> >> >>>Message-ID: <014601c3ae0c$9ff59be0$a501280a@phx.gbl>
> >> >> >>>MIME-Version: 1.0
> >> >> >>>Content-Type: text/plain;
> >> >> >>> charset="iso-8859-1"
> >> >> >>>Content-Transfer-Encoding: 7bit
> >> >> >>>X-Newsreader: Microsoft CDO for Windows 2000
> >> >> >>>X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
> >> >> >>>Thread-Index: AcOuDJ/1n4uo2nCoQJyNrXRXUzhJ9Q==
> >> >> >>>Newsgroups:> microsoft.public.dotnet.framework.aspnet.security: 7618> >> >> >>>Path: cpmsftngxa06.phx.gbl
> >> >> >>>Xref: cpmsftngxa06.phx.gbl> microsoft.public.dotnet.framework.aspnet.security> >> >> >>>NNTP-Posting-Host: TK2MSFTNGXA13 10.40.1.165
> >> >> >>>X-Tomcat-NG:> (User.Identity.IsAuthenticated> >> >> >>>
> >> >> >>>Jim,
> >> >> >>>
> >> >> >>>Thanks for the response. I guess I'm not following
> >> >> >>>where I would run the code you mentioned other than the
> >> >> >>>global.asax.
> >> >> >>>
> >> >> >>>I have the following code in there now...
> >> >> >>>
> >> >> >>>protected void Application_AuthenticateRequest(Object
> >> >> >>>sender, EventArgs e)
> >> >> >>> {
> >> >> >>>if ((Request.CurrentExecutionFilePath !
> >> >> >>>= "/MyApp/Index.aspx") &&> than> >> >> >>>== false))
> >> >> >>> {
> >> >> >>> Response.Redirect("Index.aspx");
> >> >> >>> }
> >> >> >>>}
> >> >> >>>
> >> >> >>>This works on the first attempt to view a page other> to> >> >> >>>index.aspx but when I try to click on a link that goes> fired> >> >> >>>a page secured by Basic Auth., the code above gets> have> >> >> >>>again and redirects me back to index.aspx. I don't> confers no rights.> >> >> >>>a chance to enter the login credentials.
> >> >> >>>
> >> >> >>>Dave.
> >> >> >>>
> >> >> >>>>-----Original Message-----
> >> >> >>>>Dave,
> >> >> >>>>
> >> >> >>>>You would have to redirect on the 401 response. As
> >> >> long
> >> >> as the connection
> >> >> >>>>with IIS is still held in cache (and it should be),
> >> >> this
> >> >> should work fine.
> >> >> >>>>(I haven't tested it, so don't hold me to it.)
> >> >> >>>>
> >> >> >>>>It would look something like this:
> >> >> >>>>
> >> >> >>>>if (HttpResponse.Status == '401 ACCESS DENIED')
> >> >> >>>>{
> >> >> >>>> Response.Redirect('login.aspx');
> >> >> >>>>}
> >> >> >>>>
> >> >> >>>>Jim Cheshire, MCSE, MCSD [MSFT]
> >> >> >>>>Developer Support
> >> >> >>>>ASP.NET
> >> >> >>>>jamesche@online.microsoft.com
> >> >> >>>>
> >> >> >>>>This post is provided as-is with no warranties and> Authentication> >> >> >>>>
> >> >> >>>>
> >> >> >>>>--------------------
> >> >> >>>>>Content-Class: urn:content-classes:message
> >> >> >>>>>From: "Dave" <anonymous@discussions.microsoft.com>
> >> >> >>>>>Sender: "Dave" <anonymous@discussions.microsoft.com>
> >> >> >>>>>Subject: Redirect to default page using Windows> V5.50.4910.0300> >> >> >>>>>Date: Tue, 18 Nov 2003 08:47:17 -0800
> >> >> >>>>>Lines: 22
> >> >> >>>>>Message-ID: <018001c3adf3$a0978a90$a101280a@phx.gbl>
> >> >> >>>>>MIME-Version: 1.0
> >> >> >>>>>Content-Type: text/plain;
> >> >> >>>>> charset="iso-8859-1"
> >> >> >>>>>Content-Transfer-Encoding: 7bit
> >> >> >>>>>X-Newsreader: Microsoft CDO for Windows 2000
> >> >> >>>>>Thread-Index: AcOt86CVOxfr0qBrQki1cS1gMBOKEA==
> >> >> >>>>>X-MimeOLE: Produced By Microsoft MimeOLE> microsoft.public.dotnet.framework.aspnet.security> >> >> >>>>>Newsgroups:> microsoft.public.dotnet.framework.aspnet.security: 7614> >> >> >>>>>Path: cpmsftngxa06.phx.gbl
> >> >> >>>>>Xref: cpmsftngxa06.phx.gbl> microsoft.public.dotnet.framework.aspnet.security> >> >> >>>>>NNTP-Posting-Host: TK2MSFTNGXA09 10.40.1.161
> >> >> >>>>>X-Tomcat-NG:> application> >> >> >>>>>
> >> >> >>>>>Hi,
> >> >> >>>>>
> >> >> >>>>>Is there a way to redirect the user to a default,
> >> >> >>>>>anonymous, welcome or "splash" page for our> secured> >> >> >>>>>when using Windows authentication with Basic enabled?
> >> >> >>>>>
> >> >> >>>>>In other words, if a user attempts to access a> to> >> >> >>>>>page directly the first time, they will be redirected> setting "Favorites"> >> >> >>>>>the application's main entry point.
> >> >> >>>>>
> >> >> >>>>>I know this defeats the purpose of> on> >> >> >>>>>but we want to have updates, news, instructions, etc> >> >> >> >>>>>this anonymous welcome page so the user can see this
> >> >> >>>>>information. It will then have a link or button that
> >> >> >>>>>states "Click here to login". Ideally, it would take
> >> >> >>>>>them then to the orignal page they wanted.
> >> >> >>>>>
> >> >> >>>>>I know this can be done with Forms authentication.
> >> >> >>>>>
> >> >> >>>>>Thanks, Dave.
> >> >> >>>>>
> >> >> >>>>>
> >> >> >>>>>
> >> >> >>>>
> >> >> >>>>.
> >> >> >>>>
> >> >> >>>
> >> >> >>
> >> >> >>.
> >> >> >>
> >> >> >
> >> >Eric Larsen Guest
Reply With QuoteSimilar Questions and Discussions
Posting Permissions
- You may not post new threads
- You may post replies
- You may not post attachments
- You may not edit your posts
