Last post Aug 23, 2016 02:14 AM by Rovastar
Aug 18, 2016 05:02 PM|joegreen2005|LINK
I'm using windows authentication and would like to redirect unauthenticated users to a custom error page using web.config file. I do not have a login page. I did this but it's not working:
<compilation debug="true" targetFramework="4.5.1" />
<httpRuntime targetFramework="4.5.1" />
<authentication mode="Windows" />
<deny users="*" /> <allow users="username" />
<error statusCode="401" redirect="http://google.com" />
Any idea what mistake I'm making?
Aug 19, 2016 09:50 AM|Chris Zhao|LINK
First, make sure Windows authentication is enabled in IIS. Second, try this
<httpErrors errorMode="Custom" existingResponse="Replace">
<remove statusCode="401" />
<error statusCode="401" path="/Errors/NotFound" responseMode="ExecuteURL" />
Here is an
article explains some basic fundamentals which will hopefully help in understanding a lot easier.
Aug 19, 2016 11:54 PM|Rovastar|LINK
You will likely get a load of problems with this method.
401s are a natural part of the handshake. Connecting and getting a challenge response will get 401 http status codes.
Blocking 401s will block the handshake and many legitimate clients will be blocked.
Aug 21, 2016 09:50 AM|joegreen2005|LINK
Thanks Rovastar. Are you saying that there is no way redirect using web.config? Since only handful of people will need access, I'm trying to find an easier way than having a login form. Only handful of people need access and I want to deny access for rest.
Users are in AD. Can someone suggest best way to go about this. Thanks
Aug 23, 2016 02:14 AM|Rovastar|LINK
allow/remove NTFS permissions for the standard way of allowing access.