Windows Authentication - redirect 401 errors RRS feed

  • Question

  • Hi!

    I've developed a web application in VB.NET using Windows Authentication, and authorisation is achieved through the role manager using Windows domain groups.  Therefore, as long as you are a valid user you can navigate through the app to your heart's content.

    However, unauthorised users are prompted with a login box asking for valid credentials to proceed, and if they do not provide this they are treated to the very friendly 401.2 Access Denied IIS error page.  

    What I would like is a solution that does not prompt the user at all but simply directs them to a customised Access Denied page.  I know I can use the solution provide in this example (http://social.msdn.microsoft.com/Forums/en-US/sharepointcustomization/thread/85535249-33de-43ea-bfa5-1c9cf4b52d2b) to overcome the IIS 401.2 page and use my own customised page, but this still prompts the user for credentials.

    The closest I have gotten to resolving this is using the solution outlined here - http://www.codeproject.com/Articles/11202/Redirecting-to-custom-401-page-when-quot-Access-de - which avoids the login prompt and redirects the user.  Brilliant!  The only problem with this is that if a valid user is using the application and then they are idle for more than 1 minute they are also redirected to the Access Denied page.  Looking at the web connection in perfmon I can see the Web Connection for my website persisting for 60 seconds and then dropping off.  And once this happens, it doesn't matter what the user clicks on, they will be directed to the Access Denied page.  From there they can click on another link and they will be re-authenitcated.

    It's as though the application has forgotten the user credentials, and as opposed to re-authenticating, just treats them as an invalid user.  I want to find a solution that can handle this so a user is re-authenticated before they are redirected to my Access Denied page.

    Any ideas anyone?

    • Moved by Mike Feng Wednesday, March 20, 2013 12:25 PM
    Tuesday, March 19, 2013 9:29 AM

All replies