Re: Detecting Failed Authorization
From: Ken Dopierala Jr. (kdopierala2_at_wi.rr.com)
Date: 11/30/04
- Next message: Manuel: "Private Variables in a WebForm"
- Previous message: Travis Murray: "Re: String Array as function return...."
- In reply to: Bijoy Naick: "Re: Detecting Failed Authorization"
- Next in thread: Bijoy Naick: "Re: Detecting Failed Authorization"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 30 Nov 2004 15:29:49 -0600
Hi Bijoy,
It is the If statement:
If (appHTTP.Request.IsAuthenticated = True) Then
I think this fires, after every authentication request and before the user
is redirected to any login page. But I might be wrong. Look at the Else
statement in the code below:
If (appHTTP.Request.IsAuthenticated = True) Then
'do nothing
Else 'Now you know you have a failed auth.
'*********Right here redirect your failed auth user
'whereever you want before they get redirected to
'the login page.
End If
If this doesn't work post back here and we'll figure out something else.
Good luck! Ken.
-- Ken Dopierala Jr. For great ASP.Net web hosting try: http://www.webhost4life.com/default.asp?refid=Spinlight If you sign up under me and need help, email me. "Bijoy Naick" <b_naick@yahoo.ca> wrote in message news:uvfPIDy1EHA.1524@TK2MSFTNGP09.phx.gbl... > Ken, > > Thanks for the response.. I don't understand how the code you provided will > detect a "failed AUTHORIZATION". It will probably detect a failed > "AUTHENTICATION" attempt. > > Am I missing something? > > Bijoy > > > "Ken Dopierala Jr." <kdopierala2@wi.rr.com> wrote in message > news:OkSRt$x1EHA.3468@TK2MSFTNGP14.phx.gbl... > > Hi Bijoy, > > > > This might work for you. It is what I use. It goes in your global.asax > > file. Ken. > > > > Sub Application_AuthenticateRequest(ByVal sender As Object, ByVal e As > > EventArgs) > > Dim appHTTP As HttpApplication = CType(sender, HttpApplication) > > > > 'Check if the user is authenticated. > > If (appHTTP.Request.IsAuthenticated = True) Then > > 'Do nothing. > > Else > > 'Redirect where you want the user to go. > > 'Here you can also find out what page they > > 'were trying to get to and customize your > > 'response accordingly. > > End If > > End Sub > > > > Good luck! Ken. > > > > -- > > Ken Dopierala Jr. > > For great ASP.Net web hosting try: > > http://www.webhost4life.com/default.asp?refid=Spinlight > > If you sign up under me and need help, email me. > > > > "Bijoy Naick" <b_naick@yahoo.ca> wrote in message > > news:uy7wokx1EHA.1400@TK2MSFTNGP11.phx.gbl... > > > I've implemented forms authentication and authorization on my > application. > > > In my Web.Config, my authorization section looks like this.. > > > > > > <authorization> > > > <allow roles="admin" /> > > > <deny users="*" /> > > > </authorization> > > > > > > If an authenticated user, who is NOT designated the role "admin" > attempts > > > to access this folder, he/she is simply redirected to the login page. > > > > > > How do I detect a failed authorization and display a meaninfull error > msg? > > I > > > found an article which came up with solution : > > > > > > Sub Global_EndRequest(ByVal sender As Object, ByVal e As > System.EventArgs) > > > Handles MyBase.EndRequest > > > If User.Identity.IsAuthenticated And Response.StatusCode = "401" > Then > > > Response.Redirect("test.aspx") > > > End If > > > End Sub > > > > > > When I implement this, and the the situation described above occurs, the > > > application seems to hang.. ie. the user isn't allowed into the > > application > > > but it never redirects to test.aspx. > > > > > > Any suggestions?? > > > > > > Bijoy > > > > > > > > > > > >
- Next message: Manuel: "Private Variables in a WebForm"
- Previous message: Travis Murray: "Re: String Array as function return...."
- In reply to: Bijoy Naick: "Re: Detecting Failed Authorization"
- Next in thread: Bijoy Naick: "Re: Detecting Failed Authorization"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
