Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. Users are not redirected to the page that contains the custom error message when you design an application that uses impersonation in ASP.NET

Users are not redirected to the page that contains the custom error message when you design an application that uses impersonation in ASP.NET

View products that this article applies to.

Symptoms

When you design an application that uses impersonation in Microsoft ASP.NET, users are not redirected to the page that contains the custom error message.

You implement impersonation by using the following code. 
<authentication mode="Windows" /> 
<identity impersonate="true" userName="Domain\User" password="Password"/>
This problem occurs when you use the following code in the Web.config file. 
<customErrors mode="On" >
<error statusCode="401" redirect="unauthorized.htm" />
</customErrors>

↑ Back to the top

Workaround

To work around this problem, redirect to the custom error page by using the following code in the Global.asax file. 
Sub Application_Error(ByVal sender As Object, ByVal e As EventArgs)
' This exception is raised when an error occurs.
Dim ex As Exception = Server.GetLastError().GetBaseException()

If ex.GetType Is Type.GetType("System.UnauthorizedAccessException") Then
Server.ClearError()
Response.Redirect("unauthorized.htm")
End If
End Sub

↑ Back to the top

More information

Steps to reproduce the problem

  1. Create a virtual directory. Set the virtual directory to use Integrated Microsoft Windows Authentication.
  2. Create a sample .aspx file that contains server side code. Name the file Sample.aspx. Put the file in the virtual directory that you created in step 1.
  3. For all accounts except the ASPNET account, deny NTFS file system permissions on the Sample.aspx file.
  4. Create a Web.config file that uses the following code. Put the file in the virtual directory that you created in step 1. 
    <customErrors mode="On" >
<error statusCode="401" redirect="unauthorized.htm" />
</customErrors>

<authentication mode="Windows" /> 
<identity impersonate="true" userName="Domain\User" password="Password"/>
  5. Create an HTML file that contains custom text. Name the file Unauthorized.htm. Put the file in the virtual directory that you created in step 1.
  6. In a browser, view the Sample.aspx file. You are not redirected to the Unauthorized.htm file.

↑ Back to the top

Keywords: KB902239, kbprb, kbtshoot

↑ Back to the top

Article Info
Article ID : 902239
Revision : 3
Created on : 6/13/2005
Published on : 6/13/2005
Exists online : False
Views : 243