Security :: Keeps Redirected To 401 Unauthorized Page?
Aug 26, 2010
I keep redirected to a "401 Unauthorized" page, which is the Login page. It first loads a 302 Found (Failed to load source for: http://localhost:4558) page then
I have a summary page that has an Add New Record button, andEdit Record butto and a Delete Record button.Every user has ReadOnly access.However, only users with administrators Access Level can add, edit, delete, view.Users with Staffers Access Level can only Add records but cannot delete or edit.So, basically, 2 access Levels, Administrators, Staffers.Administrators can view, add, delete, update records.The rest, Staffers, can only view and Add records.I am struggling to figure this out.I have done this a ton of times using Classic ASP, something like:
If AccessLevel <> "Administrator" Then Response.Redirect"login.asp" 'so if user has admin password, s/he ccan log in with that. End if
[code]...
4 different groups will be using the system, each will be redirected to their own summary page based on their groupNumber.All I just want now is to ensure that a user from a particular group is redirected to his/her summary page, then that user is checked again against AccessLevel (view, edit, delete, update).
I have written custom code for login and logout...When use clicks on logout button the current session is closed and user is redirected to a login.aspx page...The problem is that when a user click a back button on internet explorer it the previous page he was navigating is shown to him...(altough he cant perform any operation as session is null and their is condition in page load that if session is null user should be redirected to login page)May i have to clear cache of client ??
For a testproject I use two Login pages. I order to do that I use a dispatcher page:
Dispatcher:
[Code]....
I then just redirect in the dispatcher to the real login-page according to the ReturnUrl. So far so good. The only problem I have is that I don't get redirected to the ReturnUrl once I'm logged in... Of course I add the ReturnUrl to the forwarded Login-Page (/Admin/Login.aspx?ReturnUrl=...).
this is a bit of a strange one. have my front page of my intranet site and I am trying to pull an RSS feed from a subdirectory forum.
Root Default.aspx --->Forum --->Rssfeed.aspx
On my default.aspx I can pull RSS Feeds from the BBC or any other external website so my code is working fine but when I try and pull a RSS feed from my local server I get "The remote server returned an error: (401) Unaithorized".Now, if I go to the Forum directory within IIS and change the directory secutiry from "Integrated Windows Authentication" to "Enable anonymous access" the RSS comes through to the front page without any errors, however, the forum requires "Integrated Windows Authentication" to be enable to that my users can post on the forum. If I turn both on then Windows authentication is still ignored for my users when they visit the forum.I have hardcoded my credentials in to the Default.aspx.cs to see if that helps but I still get Unauthorized message.My code is here:
[Code]....
As you can see I have tried a couple of different ways to get the credentials to work, it just seems to ignore my credentials and I have full admin access to the server and when I visit the forum it picks up my username.
I have created a page with a ReportViewer on it and have connected it to our reporting server. The problem is thou i get that error message: "The request failed with HTTP status 401: Unauthorized. "when i try to view it. It only works when i run the project in debug mode in CS 2008.Also my site is based on Integrated Windows authentication.
I have implemented a custom ErrorController with NoAccess Action returning the View "~/Error/NoAccess" (not inside the Shared folder).
I have also modified the web.config file and add a custom error "<error statusCode="403" redirect="~/Error/NoAccess" />" node.
Each time i enter to an anauthorized page, i get redirected to the logon page (even though i am already logged on). I would to modify the default asp.net mvc authorization functionality and each time a user tries to enter a page that is not authorized to get an "NoAccess" page instead of redirecting to the login page.
Ihave a controller that returns System.Web.Mvc.FilePathResult
I do return this.File(filename, contentType, download name);
This action is called when user is clicked on a link and I have made $("a[rel='popup']").colorbox();
.So whenever a user clicks on the links It takes to the controller method and the file Shown in the colour box.
Now I am facing an issue it is like If a user is logged in to my site and open a page , where links are shown and the user goes away from his seat (ie session expires) Then he come back and clicks on the link .At that time my application breaks as there is no valid session.
So tried to return View("LogOn"); when session is null.
But as still it is not redirected to the I think it is because of the colorbox
I should be redirected to the log in page Even if I am taking a Color box ?
I am redirecting users to a specific page based on some criteria. I know I can pass some url parameters indicating that there was a redirect. But is there any other way to tell it without turning to the url string?
I have a page containing a form which can be accessed from two pages. I want to set a button on this page depending on the page from which I redirect.
For eg., if I redirect from page 1, the button should be back to page 1 and I redirect from page 2, the button should be back to page 2. I don't want it to be a back button by the way.
How can I set this condition? Url.Action redirects to a page but how can I get the page from which I have redirected?
Also the form which when submitted should redirect back to the page from which the form page has been accessed.
So i want to run a single .net 4 web page in one folder, but there will be older classic asp files in that folder that have to work.
so say i have..
Order (folder)
orderitem.asp
shoppingcart.asp
i want the shoppingcart to work as classi asp (no change)
But i want the order.asp page to be redirected and parameters for that page to redirect to MVC say ordercontroler.. order actionview and have the redirected link as order/order/23420984 from order/orderitem.asp?part=23420984
Using Role based (Active directory groups) authorization, I am able to control the access to various web pages. If an unauthorized user reaches a web page, a small popup comes up (as shown in the attached bit map) asking for credentials. If the user clicks on "Cancel" button on the popup, it shows "Access denied" error.
Instead of showing the standard "Access denied" error, I want to redirect to another .aspx page with a more meaningful message.
I have three pages calculator1.aspx, calculator2.aspx and Menu.aspx. On each calculator page i have a button that redirect me to Menu page and on Menu page i have to go back to Calculator1 or calculator2 page from where the request initiated. So how can i differentiate from which page my request come when im on Menu page.
I inserted a record in my database and if it is successful, then, it will automatically redirected on a certain page. However, when I click on the BACK button of the browser, it will bring back of course the previous page and at the same time, the data that I encoded still appear. How am be able my page that if in case my users click on the Back button of the browser it will redirect on a certain page or if not, the entries will not appear.
I had a website project which worked fine. I have converted it into a web application project in VS 2010. Now when I start the project from VS my login page is never loaded because when it tries to load images, scripts, css all the requests are redirected back to login page.
However if I setup a website under my local IIS to use the folder where the project is the website works no problem.
I have created a test web app to play with. And it does pretty much the same. Login page cannot load an image because the request is redirected. Here is what I've got.
Requests to this Application Remaining: 140 No. Time of Request File Status Code Verb 1 11/30/2010 10:57:20 AM default.aspx 302 GET View Details 2 11/30/2010 10:57:20 AM login1.aspx 200 GET View Details 3 11/30/2010 10:57:22 AM bcb.jpeg 302 GET View Details 4 11/30/2010 10:57:22 AM login1.aspx 200 GET View Details
I have myown login page.If any user access any page directly(without login),i want to redirect unauthorized user to login page....How it possible.....Using Generic Handler is there any chance? or how can i do it ?
I was on the MyApplication/Submit.aspx but after a wait of 30 minutes when I hit the submit button it got redirected to the above page with that long string.
I did not have any session variables in my application. Then why this redirection.
Also I could not find any error log from Application_Error method.
i have a gridveiw with single column [ many rows] and that single column is displayin an image, i want that if any one clicks on image it will be redirected to another page
What might cause this? Seems to be happening at random on a site I created. A user will for example be filing in a form, and when they click Save, it will flash to the login page as if the session has expired, but it will still show them logged in, and if they click back and save again it will work. It's not confined to the one page either, it just seemingly at random acts like the session has expired when it hasn't.
I am doing a simple secured site using the login control. I would like users to be redirected to their dashboard page once they log in, but after that if they choose to browse I do NOT want them redirected based on their login status. I am using the generic template provided in VWD with the basic login setup in the template including the tabbed ASP menu control - nothing fancy, nothing custom. This is intended to be something very simple and quick. Here is the code I am using for the page load...
[Code]....
So if I do this code WITHOUT the "IsPostBack", logged in users are always redirected to their dashboard and cannot see the hompage. However with that IsPostBack test, the redirect after initial login doesn't work.
I know this is extremely basic and simple, but I am restarting with this stuff after a year away, and I need a nudge.
I'm trying to connect to a site using digest authentication but it continuously gives "401 - Unauthorized" even the password is correct. Here's the sample code I'm using:
I wrote a web services with Windows authentication, when i consume this WS from my app inside my network all work great, but when I consume this WS outside my network the WS return "The request failed with HTTP status 401: Unauthorized"I'd try the URL in an explorer page and all works great.In my app I use this:
