I am using ASP.NET 3.5 web.config to limit access and it works great.
Change:
<customErrors mode="RemoteOnly" />
The mode attribute can be one of the following:
* On – error details are not shown to anybody, even local users. If you specified a custom error page it will be always used.
* Off – everyone will see error details, both local and remote users. If you specified a custom error page it will NOT be used.
* RemoteOnly – local users will see detailed error pages with a stack trace and compilation details, while remote users will be presented with a concise page notifying them that an error occurred. If a custom error page is available, it will be shown to the remote users only.
Displaying a concise yet not-so-pretty error page to visitors is still not good enough, so you need to put together a custom error page and specify it this way:
<customErrors
    mode="RemoteOnly"
    defaultRedirect="~/errors/GeneralError.aspx"
/>
You won't see it - custom error pages are served by the ASP.NET application, but Windows auth is served up by IIS itself.
Now you can set IIS to use different error pages. For IIS7 this needs a separate configuration section:
<system.webServer>
  <httpErrors errorMode="Custom" existingResponse="Auto">
    <error statusCode="403"
           subStatusCode="-1"
           prefixLanguageFilePath=""
           path="C:\inetpub\wwwroot\errors\403.htm"
           responseMode="File" />
  </httpErrors>
</system.webServer>
And you'll need to ensure the app pool user has access to that path.
Not having tested this in other scenarios, but looking at some of the suggestions from this detailed article for a similar problem.
The other problem turned out to be:
the access to the error page was blocked by the authorization requirements.
The solution was to use a <location> attribute in the web.config. Refer to the link for a more detailed explanation, but here's a snippet:
<!-- in the same root web config file-->
<configuration>
  <system.web>
    <authorization>
      <allow users="Bill, John"/>
      <deny users="?" />
    </authorization>
  </system.web>
  <!-- the page specific authorization-->
  <location path="GenericErrorPage.htm"> <!-- other ones for your other pages-->
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>
</configuration>
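
A check for the two failure modes discussed in the answers above, as an added example that is not code from any of the posts: it parses a web.config and flags customErrors mode="Off" and an error page that no <location> block exempts from a deny rule. The audit and norm helpers and the sample config are constructed for illustration, and rule matching is simplified to the first rule under each <location>.

```python
import xml.etree.ElementTree as ET

# Added example: audit() and norm() are illustrative helpers; SAMPLE is constructed.
# It denies anonymous users but exempts a different file than defaultRedirect names.
SAMPLE = """<configuration>
  <system.web>
    <customErrors mode="RemoteOnly" defaultRedirect="~/errors/GeneralError.aspx" />
    <authorization>
      <allow users="Bill, John" />
      <deny users="?" />
    </authorization>
  </system.web>
  <location path="GenericErrorPage.htm">
    <system.web>
      <authorization><allow users="*" /></authorization>
    </system.web>
  </location>
</configuration>"""

def norm(path):
    """Compare paths app-relative: drop a leading ~/ and ignore case."""
    return path.replace("\\", "/").lstrip("~").lstrip("/").lower()

def audit(config_xml):
    """Return a list of findings for the error-page settings in a web.config."""
    root = ET.fromstring(config_xml)
    findings = []
    errors = root.find("system.web/customErrors")
    mode = errors.get("mode", "RemoteOnly") if errors is not None else "RemoteOnly"
    if mode.lower() == "off":
        findings.append("customErrors mode=Off: remote users see error details")
    page = errors.get("defaultRedirect") if errors is not None else None
    denies = root.findall("system.web/authorization/deny")
    restricted = any(d.get("users") in ("?", "*") for d in denies)
    if page and restricted:
        # Collect locations whose first authorization rule allows everyone.
        open_paths = set()
        for loc in root.findall("location"):
            rule = loc.find("system.web/authorization/*")
            if rule is not None and rule.tag == "allow" and rule.get("users") == "*":
                open_paths.add(norm(loc.get("path", "")))
        target = norm(page)
        if not any(target == p or target.startswith(p + "/") for p in open_paths):
            findings.append("error page %s is not exempt from authorization" % page)
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Pointing the <location> path at the file named in defaultRedirect, or at its containing directory, clears the second finding.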