D
Dan
hi ng,
i have a problem with windows authentification.
i want to forward every user who
1. is not authorized
2. or could not be authenticated
to a login page
-------------------
The scenario is an intranet application that can be used by some defined
active directory users.
web.config is like:
<system.web>
....
<authentication mode="Windows" />
<authorization>
<deny users="*" />
</authorization>
</system.web>
<location path="private">
<system.web>
<authorization>
<allow users="x,y,z" />
</authorization>
</system.web>
</location>
<location path="Public">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
global.asax looks like:
protected void Application_EndRequest(Object sender, EventArgs e)
{ if((User.Identity.IsAuthenticated)&&(Response.StatusCode ==
401))
{
Response.Redirect("~/Public/Login.aspx");
}
}
----------------------
it is working when one of the x,y,z users enters the application with
the correct password or a domain user who is not x,y or z tries to enter
the application (with the correct password).
but it is not working when a user is not in active directory or a active
directory user enters a wrong password because in this cases, the user
could not be authenticated.
but i cannot redirect every not authenticated user, because before the
windows authentication form has been submitted, every request is not
authenticated, right?
i am getting a bit desparate, since i already have posted my problem,
with no replies.
maybe i am now able to describe the problem more clear.
thank you very much in advance for any help or suggestions
dan
i have a problem with windows authentification.
i want to forward every user who
1. is not authorized
2. or could not be authenticated
to a login page
-------------------
The scenario is an intranet application that can be used by some defined
active directory users.
web.config is like:
<system.web>
....
<authentication mode="Windows" />
<authorization>
<deny users="*" />
</authorization>
</system.web>
<location path="private">
<system.web>
<authorization>
<allow users="x,y,z" />
</authorization>
</system.web>
</location>
<location path="Public">
<system.web>
<authorization>
<allow users="*" />
</authorization>
</system.web>
</location>
global.asax looks like:
protected void Application_EndRequest(Object sender, EventArgs e)
{ if((User.Identity.IsAuthenticated)&&(Response.StatusCode ==
401))
{
Response.Redirect("~/Public/Login.aspx");
}
}
----------------------
it is working when one of the x,y,z users enters the application with
the correct password or a domain user who is not x,y or z tries to enter
the application (with the correct password).
but it is not working when a user is not in active directory or a active
directory user enters a wrong password because in this cases, the user
could not be authenticated.
but i cannot redirect every not authenticated user, because before the
windows authentication form has been submitted, every request is not
authenticated, right?
i am getting a bit desparate, since i already have posted my problem,
with no replies.
maybe i am now able to describe the problem more clear.
thank you very much in advance for any help or suggestions
dan