 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / ASP.NET / Security / January 2005Custom Error pages
Hi All, I have a windows authenticated web site - a sub directory has been secured by denying various roles. When access is denied the default error page for 401.2 is displayed - How can I customise my own access denied page? I have tried custom error tags in the web.config but that doesnt seem to work, nor does changing the IIS error page settings. Any ideas? Cheers, Rich You can attempt to customise the page (and IIS will send the customised page - you can check using network sniffer), but it is up to the browser to decide what to display. Most (if not all) browsers will *not* display custom content when the HTTP status from the server is 401 - they will either display a logon dialogue box -or- they will display an "access denied" error message (after three, or whatever, failed attempts). This is a security measure on the part of the browser. What you would need to do is intercept the 401.2 HTTP status, and change it to something else (eg 200 OK), and then you can server whatever content you want. Cheers Ken > Hi All, > [quoted text clipped - 10 lines] > Cheers, > Rich Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.