ashv27
asked on
How to explicitly raise an HTTP error?
Hi,
I'm currently developping with ASP.NET using C# and I wanted to know if it's possible to raise an HTTP error explicitly. I want, for example, a forbidden 403 error to be displayed when the user tries to access certain pages or click on certain links. I would be grateful if someone could help. Thanks...
Ash.
I'm currently developping with ASP.NET using C# and I wanted to know if it's possible to raise an HTTP error explicitly. I want, for example, a forbidden 403 error to be displayed when the user tries to access certain pages or click on certain links. I would be grateful if someone could help. Thanks...
Ash.
ASKER
Thanks for your reply. Is there any other way of achieving this without directly redirecting the user to the error page. I'm repeating myself, but is it possible to raise the error and let IIS do the redirection?
I don't know of a line of code that you can write to just throw your choice of error but it would be useful.
IIS does a server.transfer to whatever page is configured as the error page, so just emulating its behaviour is another option.
IIS does a server.transfer to whatever page is configured as the error page, so just emulating its behaviour is another option.
you can do that with server side language scripting....
In php...
<?php
if ((!isset($PHP_AUTH_USER)) ||
(!isset($PHP_AUTH_PW)) ||
($PHP_AUTH_USER != "guest") ||
($PHP_AUTH_PW != "guest"))
{
header('WWW-Authenticate: Basic realm="Private Area"');
header("HTTP/1.1 401 Unauthorized");
print "This page requires authorisation.";
exit();
}
else
{
print "You're through to the secret page, was the effort worth it?";
}
?>
In php...
<?php
if ((!isset($PHP_AUTH_USER)) ||
(!isset($PHP_AUTH_PW)) ||
($PHP_AUTH_USER != "guest") ||
($PHP_AUTH_PW != "guest"))
{
header('WWW-Authenticate: Basic realm="Private Area"');
header("HTTP/1.1 401 Unauthorized");
print "This page requires authorisation.";
exit();
}
else
{
print "You're through to the secret page, was the effort worth it?";
}
?>
Why do you want to do this, by the way?
If it's your intention to actually trip the internal access denied routine in IIS for logging purposes or whatever, then neither my nor the above solution will really work.
If it's your intention to actually trip the internal access denied routine in IIS for logging purposes or whatever, then neither my nor the above solution will really work.
ASKER
The reason is that I have several pages which take their parameters from their respective url by the GET method (query string) and would like to thow a 403 forbidden error if the pages are called without the proper parameters in the url.
well the ASP.NET Version of the PHP Header is
Response.AddHeader(name,va
but im not sure if "HTTP/1.1 401 Unauthorized" is the name or value
Response.AddHeader(name,va
but im not sure if "HTTP/1.1 401 Unauthorized" is the name or value
give this a go:
void Page_Load(Object src, EventArgs args) {
// raise an intentional exception to get the ball rolling
throw new ApplicationException("This
}
void Page_Error(Object sender, EventArgs args) {
Response.Write("Error:\n")
Exception e = Server.GetLastError();
Trace.Write("Message",e.Me
Trace.Write("Source",e.Sou
Trace.Write("Stack Trace",e.StackTrace);
Response.Write("Sorry, an error was encountered.");
Context.ClearError();
}
void Page_Load(Object src, EventArgs args) {
// raise an intentional exception to get the ball rolling
throw new ApplicationException("This
}
void Page_Error(Object sender, EventArgs args) {
Response.Write("Error:\n")
Exception e = Server.GetLastError();
Trace.Write("Message",e.Me
Trace.Write("Source",e.Sou
Trace.Write("Stack Trace",e.StackTrace);
Response.Write("Sorry, an error was encountered.");
Context.ClearError();
}
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi,
Thanks for your posts. venkateshwarr's approach sounded promising; i even tried it using PHP, but it only echoes the message following the header without any server redirection to the appropriate error page.
crimsonIE your solution shows what to do once the error is thrown but not how to explicitly throw the error. Anyway i think that i'll make my own custom error pages as you suggested, and do the redirection myself when the need arises.
Thanks again...
Thanks for your posts. venkateshwarr's approach sounded promising; i even tried it using PHP, but it only echoes the message following the header without any server redirection to the appropriate error page.
crimsonIE your solution shows what to do once the error is thrown but not how to explicitly throw the error. Anyway i think that i'll make my own custom error pages as you suggested, and do the redirection myself when the need arises.
Thanks again...
I would just redirect the user to a page that all users are explicitly denied access to if I had a real need to only ever use the IIS error page.