Re: asp.net windows authentication
- From: bruce barker <nospam@xxxxxxxxxx>
- Date: Thu, 02 Oct 2008 22:37:12 -0700
this is normal. if the browser requests a resource and get a 401 (access denied), the browser asks a new login. you could write a handler that checked for the 401 and if the user had sent a valid login, redirect to an access denied page instead of responding with a 401.
-- bruce (sqlwork.com)
DK wrote:
I have an intranet application I've built using asp.net 3.5 / running on.
IIS6.
The problem: when a user trys to access a page that they do not have access to, they are given the annoying windows authentication popup, which is useless because they are denied in the web.config file. After 3 tries or hitting cancel, they are then directed to the Access Denied page.
How can I get rid of that popup ???
In my main web.config I have this:
<authentication mode="Windows"/>
<authorization>
<deny users="?"/>
</authorization>
other web.configs would look like this:
<system.web>
<authorization>
<allow roles="MyDomain\AllowedRoles"/>
<deny users="*"/>
</authorization>
In IIS6 under Directory Security > Authentication Methods everything is cleared except Integrated Windows Authentication.
There's another app on another server in our domain that is set up the exact same way (as far as I can tell) and you go directly to the Access Denied page. There must be something stupid that I'm missing.
It's not the end of the world but I'd like to solve this.....Thanks.
- References:
- asp.net windows authentication
- From: DK
- asp.net windows authentication
- Prev by Date: Re: ComboBox DropDownWidth
- Next by Date: licensing an asp.net application
- Previous by thread: Re: asp.net windows authentication
- Next by thread: Full page calendar
- Index(es):
Relevant Pages
|
