asp.net C# error 401.2 redirect

Hello,

I have an application where I list in the web.config certain users who are allowed into certain pages using the following:

<authorization>
        <deny users="?"/>
        <allow users="username01,username02,etc "/>
        <deny users="*"/>
      </authorization>

Also, I have the following in the web.config:

<authorization>
      <!--<allow users ="*" />-->
      <deny users="?"/>
     
    </authorization>

    <authentication mode="Windows">
      <forms loginUrl="~/Default.aspx" name=".ASPXFORMSAUTH" />
    </authentication>

   
    <customErrors mode="On" defaultRedirect="GenericErrorPage.aspx">
      <!--Bad Request code -->
      <error statusCode="400" redirect="GenericErrorPage.aspx" />
      <!--Access Unauthorized / Denied code -->
      <error statusCode="401" redirect="GenericErrorPage.aspx" />
      <!--Forbidden Request code -->
      <error statusCode="403" redirect="GenericErrorPage.aspx" />
      <!--Page Not Found code -->
      <error statusCode="404" redirect="GenericErrorPage.aspx" />
    </customErrors>

MY QUESTION:
When I remove a certain user from the list of authorized users, I get an error 401.2
(
Access is denied.
  Description: An error occurred while accessing the resources required to serve this request. The server may not be configured for access to the requested URL.

 Error message 401.2.: Unauthorized: Logon failed due to server configuration.  Verify that you have permission to view this directory or page based on the credentials you supplied and the authentication methods enabled on the Web server.  Contact the Web server's administrator for additional assistance.)

I am trying to find a way to redirect users to a "genericerrorpage.aspx" page

ANY  help would be greatly appreciated.
Codeaddict7423Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Kyle AbrahamsSenior .Net DeveloperCommented:
from:
http://www.codeproject.com/Articles/11202/Redirecting-to-custom-page-when-quot-Access-de

 protected void Application_EndRequest(Object sender, 
                                             EventArgs e)
  { 
     HttpContext context = HttpContext.Current;
     if (context.Response.Status.Substring(0,3).Equals("401"))
     {
        context.Response.ClearContent();
        context.Response.Write("<script language="javascript">" + 
                     "self.location='../GenericErrorPage.aspx';</script>");
     } 
  }

Open in new window


You should also add a location path and grant anyone access to the genericErrorPage.aspx.
0
Codeaddict7423Author Commented:
Hello,

Thank you for the quick reply.
Do I add this to the codebehind on each page that is not allowed access?
0
Kyle AbrahamsSenior .Net DeveloperCommented:
It goes in the global.asax   for the end_request.

The location paths go in the webconfig.
            https://msdn.microsoft.com/en-us/library/b6x6shw7%28v=vs.71%29.aspx

(Essentially you want anyone to be able to view the generic error  page)

<location path="GenericErrorPage.aspx">
   <system.web>
         <authorization>
            <allow users="?"/>
         </authorization>
      </system.web>
   </location>
0
Cloud Class® Course: Amazon Web Services - Basic

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

Codeaddict7423Author Commented:
I still get this error indication from VS20010. Please see attached
error-msg-to-EE.jpg
0
Codeaddict7423Author Commented:
Hello,

I was able to get this to work in the Global.asax file

  if (Response.StatusCode == 401)
                Response.Redirect("UnauthorizedAccess.aspx");
0
Kyle AbrahamsSenior .Net DeveloperCommented:
just a note the quotes weren't being escaped:

  context.Response.Write("<script language=\"javascript\">" +
                     "self.location='../GenericErrorPage.aspx';</script>");
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
ASP.NET

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.