Redirect unauthorized users asp net
I'm working on a simple website in asp.net. I would like to restrict access to the site, so that only users in a specific AD group are allowed. I have done that and it is working fine. But when a user that's not in the AD group tries to access the site, they are getting a login prompt. How do I redirect the unauthorized user to a custom page, instead of them getting the login prompt?
Below is my web.config. The lowest part of the code is something I tried but did not work.
<configuration>
    <system.web>
        <compilation debug="true" targetFramework="4.0" />
        <authentication mode="Windows"/>
        <authorization>
            <allow roles="DOMAIN\GROUP"/>
            <deny users="*"/>
        </authorization>
    </system.web>
    <location path="AccessDenied.aspx">
        <system.web>
            <authorization>
                <allow users="*"/>
            </authorization>
        </system.web>
    </location>
</configuration>
I have added this to the Global.asax.cs:
    protected void Application_EndRequest(Object sender, EventArgs e)
    {
        if (HttpContext.Current.Response.Status.StartsWith("401"))
        {
            HttpContext.Current.Response.ClearContent();
            Server.Execute("AccessDenied.aspx");
        }
    }
Any ideas?
EDIT: I tried some of the posted solutions, but they did not work. But I got it working with this code:
    void Application_EndRequest(object sender, System.EventArgs e)
    {
        if (((Response.StatusCode == 401)
            && (Request.IsAuthenticated == true)))
        {
            Response.ClearContent();
            Response.Redirect("~/AccessDenied.aspx");
        }
    }
You can use Response.Redirect or Server.Transfer
    Response.Redirect("AccessDenied.aspx");
Full example:
    protected void Application_EndRequest(Object sender, EventArgs e)
    {
        if (HttpContext.Current.Response.Status.StartsWith("401"))
        {
            HttpContext.Current.Response.ClearContent();
            Response.Redirect("AccessDenied.aspx");
        }
    }
Assuming you want to handle all "Unauthorized" errors:
    <customErrors defaultRedirect="Error.aspx" mode="On">
        <error statusCode="401" redirect="Unauthorized.aspx" />
        <error statusCode="403" redirect="Forbidden.aspx" />
    </customErrors>
Any 401 (unauthorized) requests will be forwarded to Unauthorized.aspx.
I had more success with this:
    // This is a workaround for the fact that we are not using MVC and its attributes
    // This is the situation where a user is logged in - but not authorized for this page
    void Application_EndRequest (object sender, System.EventArgs e)
    {
        if (((Response.StatusCode == 302) && (Request.IsAuthenticated == true)))
        {
            try
            {
                string sLoc = Response.Headers ["Location"];
                if (sLoc.Contains ("Login"))
                {
                    Response.ClearContent ();
                    Response.Redirect ("~/AccessDenied.aspx");
                }
            }
            catch
            {
            }
        }
    }
    <authorization>
        <!-- <allow users="*"/> --> <!-- This here means allow everyone. -->
        <allow users="AD"/> <!-- Add this group to AD domain. -->
        <deny users="?"/> <!-- Deny unknown users (not authenticated). -->
        <allow roles="Admins"/> <!-- If you have created roles. -->
    </authorization>
If you have a local group then use <allow user="AD"> but you have to register it to the AD domain. <allow roles="AD" /> will work only with domain AD groups, not for local groups.
    protected void Application_EndRequest(Object sender, EventArgs e)
    {
        HttpContext context = HttpContext.Current;
        if (context.Response.Status.Substring(0, 3).Equals("401"))
        {
            context.Response.ClearContent();
            // do redirect here
        }
    }
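
An added example, not taken from any of the posts above: a Global.asax.cs handler that redirects only users who are authenticated but not in the allowed group, leaves the Windows authentication challenge untouched, and logs each refusal. The class name `Global`, the log message format and the use of `System.Diagnostics.Trace` are assumptions; `~/AccessDenied.aspx` is the page from the question's web.config.

```csharp
using System;
using System.Web;

// Global.asax.cs (class name and log format are assumptions for this example)
public class Global : HttpApplication
{
    // The page the question's <location> element opens to every user.
    private const string AccessDeniedPage = "~/AccessDenied.aspx";

    protected void Application_EndRequest(object sender, EventArgs e)
    {
        // Anything other than 401 is not an authorization failure.
        if (Response.StatusCode != 401)
            return;

        // A 401 on a request that is not authenticated yet is the Windows
        // authentication challenge. The browser must receive it unchanged,
        // otherwise nobody can log on at all.
        if (!Request.IsAuthenticated)
            return;

        // Guard against a redirect loop if the denied page itself is ever
        // locked down by a later web.config change.
        if (string.Equals(Request.AppRelativeCurrentExecutionFilePath,
                          AccessDeniedPage, StringComparison.OrdinalIgnoreCase))
            return;

        // Record who was refused and where, so repeated denials show up in review.
        System.Diagnostics.Trace.TraceWarning(
            "Access denied: user={0} path={1}", User.Identity.Name, Request.Path);

        // Drop the default 401 body and send the user to the custom page.
        // Passing false for endResponse avoids the ThreadAbortException that
        // Response.End() would raise.
        Response.ClearContent();
        Response.Redirect(AccessDeniedPage, false);
    }
}
```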