«

Hi,

Within a web application, I have secured folder/aspx pages using the
location tag in web.config.

Now whenever an unauthorized user tries to access that page, a popup dialog
is displayed - which i dont want.
I want to show a nicer message like 'you dont have access to this area' on a
possibly redirected page.

How can I do that?

TIA.

Other configuration:
- Under IIS security, only integrated authentication is allowed. (All others
are unchecked)
- Under web.config, I have secured the pages using location tag with roles
set to Active Directory groups.

Hello,

You may take a look at customErrors tag in web.config:

http://msdn.microsoft.com/library/de...us/cpgenref/ht
ml/gngrfcustomerrorssection.asp

When you found a special error occur, you can redirect customer a special
page by this setting. (This error message page should be able to accessed
by everyone)

Hope this help,

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

Thanks but that didnt help.

Within system.web, here is what I added (beside the authorization block):

<customErrors defaultRedirect="~/noaccess.htm" mode="RemoteOnly">
<error statusCode="401.2" redirect="~/noaccess.htm"/>
</customErrors>

Still the login dialog is displayed and user is given 3 attempts to login
successfully.
What I am trying to do is to redirect user to noaccess page without showing
any login dialog.


"MSFT" <> wrote in message
news:...
> Hello,
>
> You may take a look at customErrors tag in web.config:
>
>
http://msdn.microsoft.com/library/de...us/cpgenref/ht
> ml/gngrfcustomerrorssection.asp
>
> When you found a special error occur, you can redirect customer a special
> page by this setting. (This error message page should be able to accessed
> by everyone)
>
> Hope this help,
>
> Luke
> Microsoft Online Support
>
> Get Secure! www.microsoft.com/security
> (This posting is provided "AS IS", with no warranties, and confers no
> rights.)
>

To disable the Login dialog, you may make some changes on the virtual
directory's security, for example, use intergrated windows authentication
instead of basic authentication.

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

If you which to get rid of the dialog, then you need to allow anonymous
access and handle your security some other way, for example form
authentication.

Luke
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)