Home/ Questions/Q 8279131
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-08T09:14:03+00:00

I’m trying to redirect unauthorized users to a custom page when they are accessing

  • 0

I’m trying to redirect unauthorized users to a custom page when they are accessing administrator pages but I’m getting errors..

Web.Config For Administrator Folder

<?xml version="1.0"?>
<configuration>
  <system.web>
    <authorization>
      <allow roles="Administrators" />
      <deny users="*"/>
    </authorization>
  </system.web>
</configuration>

Login page code:

protected void Page_Load(object sender, EventArgs e)
        {
            if (!Page.IsPostBack)
            {
                if (Request.IsAuthenticated && !string.IsNullOrEmpty(Request.QueryString["ReturnUrl"]))
                    Response.Redirect("~/ErrorUNTH.aspx");
            }
}

ERRORS After loggin as NORMAL USER and accessing Administrator page:

Server Error in '/' Application.
Runtime Error
Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.

Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "Off".


<!-- Web.Config Configuration File -->

<configuration>
    <system.web>
        <customErrors mode="Off"/>
    </system.web>
</configuration>


Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL.


<!-- Web.Config Configuration File -->

<configuration>
    <system.web>
        <customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
    </system.web>
</configuration>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Remove <deny users="*"/> and add <deny users="?"/>

    1. ? – Anonymous user
    2. * – all users

    And also remove the code from Page_Load event.

    If user is not logged then will redirected automatically to login.aspx. Take a look at <authentication> section of root web.config.

    <authentication mode="Forms">
        <forms loginUrl ="mylogin.aspx"/> <!-- You can change the url -->
</authentication>
    • 0