I successfully implemented role based authorization in ASP.NET. When a person does not have the needed role he gets to see an error page for 401.2 not authorized.
What I would like to accomplish now is to have a custom 401 page in my application and have it redirected there via settings in the web.config. I tried this:
<customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
<error statusCode="401" redirect="NoAccess.htm" />
</customErrors>
But this does not get caught. Do I have to override it in IIS instead? I hope not as that would make getting things deployed harder.
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…