Professional Web Applications Themes

Suppressing logon window - ASP.NET Security

Hi, Within a web application, I have secured folder/aspx pages using the location tag in web.config. Now whenever an unauthorized user tries to access that page, a popup dialog is displayed - which i dont want. I want to show a nicer message like 'you dont have access to this area' on a possibly redirected page. How can I do that? TIA. Other configuration: - Under IIS security, only integrated authentication is allowed. (All others are unchecked) - Under web.config, I have secured the pages using location tag with roles set to Active Directory groups....

  1. #1

    Default Suppressing logon window

    Hi,

    Within a web application, I have secured folder/aspx pages using the
    location tag in web.config.

    Now whenever an unauthorized user tries to access that page, a popup dialog
    is displayed - which i dont want.
    I want to show a nicer message like 'you dont have access to this area' on a
    possibly redirected page.

    How can I do that?

    TIA.

    Other configuration:
    - Under IIS security, only integrated authentication is allowed. (All others
    are unchecked)
    - Under web.config, I have secured the pages using location tag with roles
    set to Active Directory groups.



    1SALz Guest

  2. #2

    Default RE: Suppressing logon window

    Hello,

    You may take a look at customErrors tag in web.config:

    [url]http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpgenref/ht[/url]
    ml/gngrfcustomerrorssection.asp

    When you found a special error occur, you can redirect customer a special
    page by this setting. (This error message page should be able to accessed
    by everyone)

    Hope this help,

    Luke
    Microsoft Online Support

    Get Secure! [url]www.microsoft.com/security[/url]
    (This posting is provided "AS IS", with no warranties, and confers no
    rights.)

    MSFT Guest

  3. #3

    Default Re: Suppressing logon window

    Thanks but that didnt help.

    Within system.web, here is what I added (beside the authorization block):

    <customErrors defaultRedirect="~/noaccess.htm" mode="RemoteOnly">
    <error statusCode="401.2" redirect="~/noaccess.htm"/>
    </customErrors>

    Still the login dialog is displayed and user is given 3 attempts to login
    successfully.
    What I am trying to do is to redirect user to noaccess page without showing
    any login dialog.


    "MSFT" <lukezhanonline.microsoft.com> wrote in message
    news:c4EiiSfnDHA.576cpmsftngxa06.phx.gbl...
    > Hello,
    >
    > You may take a look at customErrors tag in web.config:
    >
    >
    [url]http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpgenref/ht[/url]
    > ml/gngrfcustomerrorssection.asp
    >
    > When you found a special error occur, you can redirect customer a special
    > page by this setting. (This error message page should be able to accessed
    > by everyone)
    >
    > Hope this help,
    >
    > Luke
    > Microsoft Online Support
    >
    > Get Secure! [url]www.microsoft.com/security[/url]
    > (This posting is provided "AS IS", with no warranties, and confers no
    > rights.)
    >

    1SALz Guest

  4. #4

    Default Re: Suppressing logon window

    To disable the Login dialog, you may make some changes on the virtual
    directory's security, for example, use intergrated windows authentication
    instead of basic authentication.

    Luke
    Microsoft Online Support

    Get Secure! [url]www.microsoft.com/security[/url]
    (This posting is provided "AS IS", with no warranties, and confers no
    rights.)

    MSFT Guest

  5. #5

    Default Re: Suppressing logon window

    If you which to get rid of the dialog, then you need to allow anonymous
    access and handle your security some other way, for example form
    authentication.

    Luke
    Microsoft Online Support

    Get Secure! [url]www.microsoft.com/security[/url]
    (This posting is provided "AS IS", with no warranties, and confers no
    rights.)

    MSFT Guest

Similar Threads

  1. Suppressing check for version number
    By djfilms9 in forum Macromedia Shockwave
    Replies: 0
    Last Post: January 17th, 02:06 PM
  2. Logon window
    By Carolann in forum Windows Server
    Replies: 2
    Last Post: June 14th, 02:39 PM
  3. suppressing header output
    By Alex Meaden in forum PHP Development
    Replies: 2
    Last Post: December 30th, 02:27 AM
  4. Suppressing second recordset from stored procedure
    By A_X_L_V in forum ASP Database
    Replies: 5
    Last Post: November 6th, 09:54 PM
  5. Suppressing return messages
    By Byron Barnette in forum IBM DB2
    Replies: 2
    Last Post: June 30th, 02:48 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139