Users are not redirected to the page that contains the custom error message when you design an application that uses impersonation in ASP.NET

Article translations Article translations
Article ID: 902239 - View products that this article applies to.
Expand all | Collapse all

On This Page

SYMPTOMS

When you design an application that uses impersonation in Microsoft ASP.NET, users are not redirected to the page that contains the custom error message.

You implement impersonation by using the following code.
<authentication mode="Windows" /> 
<identity impersonate="true" userName="Domain\User" password="Password"/>
This problem occurs when you use the following code in the Web.config file.
<customErrors mode="On" >
<error statusCode="401" redirect="unauthorized.htm" />
</customErrors>

WORKAROUND

To work around this problem, redirect to the custom error page by using the following code in the Global.asax file.
Sub Application_Error(ByVal sender As Object, ByVal e As EventArgs)
' This exception is raised when an error occurs.
Dim ex As Exception = Server.GetLastError().GetBaseException()

If ex.GetType Is Type.GetType("System.UnauthorizedAccessException") Then
Server.ClearError()
Response.Redirect("unauthorized.htm")
End If
End Sub

MORE INFORMATION

Steps to reproduce the problem

  1. Create a virtual directory. Set the virtual directory to use Integrated Microsoft Windows Authentication.
  2. Create a sample .aspx file that contains server side code. Name the file Sample.aspx. Put the file in the virtual directory that you created in step 1.
  3. For all accounts except the ASPNET account, deny NTFS file system permissions on the Sample.aspx file.
  4. Create a Web.config file that uses the following code. Put the file in the virtual directory that you created in step 1.
    <customErrors mode="On" >
    <error statusCode="401" redirect="unauthorized.htm" />
    </customErrors>
    
    <authentication mode="Windows" /> 
    <identity impersonate="true" userName="Domain\User" password="Password"/>
    
  5. Create an HTML file that contains custom text. Name the file Unauthorized.htm. Put the file in the virtual directory that you created in step 1.
  6. In a browser, view the Sample.aspx file. You are not redirected to the Unauthorized.htm file.

Properties

Article ID: 902239 - Last Review: June 13, 2005 - Revision: 1.2
APPLIES TO
  • Microsoft ASP.NET 1.1
Keywords: 
kbtshoot kbprb KB902239

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com