Securing pages

Topics: Web Client Software Factory, User Forum
May 18, 2007 at 2:36 PM
Hi, i have several pages that i don’t want to show in navigation but want to secure via permission system provided by WCSF. To achive this i have mapped urls of this pages to rules in modules web.config without registering them in navigation system in module initialize class. When a user without sufficient permission navigates to one of these pages he sees the error message provided below. Any ideas how to catch this in code and show a friendly "Access Denied" page to the user ?
Thanks in advance.

Server Error in '/DevelopmentWebsite' Application.

This type of page is not served.
Description: The type of page you have requested is not served because it has been explicitly forbidden. The extension '.aspx' may be incorrect. Please review the URL below and make sure that it is spelled correctly.

Requested URL: /DevelopmentWebsite/HumanResources/EmployeeEdit.aspx
May 28, 2007 at 6:03 PM
Hi, try doing this:

  1. Change the mode attribute of the <customErrors> element to On in the root Web.config file to redirect to a custom Access Denied page when access is not granted.
  2. Add the <error> element to handle this kind of error.
For your convenience here is the code:
<customErrors mode="On">
        <error statusCode="403" redirect="~/Errors/AccessDenied.htm"/>

Let me know if this helps you,

Ezequiel Jadib
May 29, 2007 at 4:51 AM
Hi Ezequiel, thanks for your help. It worked like a charm.
Feb 6, 2008 at 5:13 PM
Hi, I'm getting into the same problem here.
What I actually want is that when the user tries to navigate to a page where I've disabled access.
Sav for example

italics<rule Url="~/" Rule="Everyone" />italics

It should automatically navigate to the logon page so that the user can login and be taken to this page.
I'm having more issues, but perhaps solving this will also solve the others.
Thanks. I