I have a web application on C#, I have specified some security to allow

Question

0

Asked: May 23, 20262026-05-23T02:22:53+00:00 2026-05-23T02:22:53+00:00

I have a web application on C#, I have specified some security to allow

0

I have a web application on C#, I have specified some security to allow only 3 users to enter the site:

<authentication mode="Windows"/>
<authorization>
    <allow users="DOMAIN\john,DOMAIN\mary,DOMAIN\jesus" />
    <deny users="*" />
</authorization>

It seems that the permission works since they can enter but people with other logons cannot enter (this is ok).

The problem now is how to catch the 401.2 error, without touching IIS, to intercept the Access is denied error and redirect the user to a user-friendly aspx page.

I tried to add some code on global.asasx Application_OnError but it doesn’t work.

How can I redirect user to a errors subfolder like /errors/AccessDenied.aspx page when they are not authorized?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-23T02:22:54+00:00

Add custom error section in your web.config like

<customErrors mode="On" defaultRedirect="/ErrorPages/AppError.html">
    <error statusCode="401" redirect="/ErrorPages/401-2.html" />
</customErrors>

IF that doesn’t workout you can try adding the following code in your Global.asax

PrivateSub Global_EndRequest(ByVal sender AsObject, ByVal e As System.EventArgs) HandlesMyBase.EndRequest
If Response.StatusCode = 401 AndAlso Request.IsAuthenticated = TrueThen
Response.ClearContent()
Server.Execute("~/ErrorPages/401-2.html")
EndIf
EndSub

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I have a web application on C#, I have specified some security to allow

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply