如果用户取消身份验证提示,我可以将其重定向到另一个页面吗?
在IIS6上,使用NTLM身份验证(即集成Windows身份验证)如果用户取消身份验证请求,如何将他们重定向到另一个页面?我不能只在 web.config 中获取 401(尝试过)或 401.1(不是 int)。
如果问题是 401 状态,我无法重定向,因为我故意推动 401 以获得响应,是吗?那么,当他们取消浏览器挑战时,我该如何捕获呢?
澄清一下,如果我打开 Firefox 并导航到 IWA 页面,它会显示一个对话框(假设我没有在 about:config 中配置该对话框),然后我键入要使用的 Windows 凭据。我想阻止他们停止那个盒子。
我希望 IIS6/7 上的每个应用程序都有此行为。在我们迁移到 IIS7 之前我最初问过这个问题,所以任何答案都可以在两者之间改变。
我需要根据用户取消 401 Auth 请求(即 401.1 错误代码)重定向每个应用程序,而不是每个服务器。
On IIS6, using NTLM Authentication (meaning Integrated Windows Authentication) if the user cancels the authentication request, how can I redirect them to another page? I can't just grab 401 (tried) or 401.1 (not an int) in the web.config.
I can't redirect if the issue is a 401 status because I'm intentionally pushing for a 401 to get the response, yeah? So how do I capture when they canceled on the browser challenge?
To clarify, if I open Firefox and navigate to an IWA page, it shows me a dialog (assuming I haven't configured that away in about:config) and I key in the windows credentials to use. I want to prevent them stopping that box.
I want this behavior per-app on IIS6/7. I asked it initially before we migrated to IIS7, so any answer can be altered between the two.
I need to redirect per-app, not per-server, based on the user canceling 401 Auth request (meaning 401.1 error code).
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
某些响应类型不会传递到 .NET 进行处理。相反,它们必须在 IIS 级别进行处理。如果您想要基于响应的不同页面,那么您需要转到 IIS 管理器并找到控制错误页面的部分(根据您使用的 IIS 版本,它会有所不同)。
然后添加您要捕获的状态代码,并将其指定为您希望浏览器定向到的页面。
我知道您提到了 IIS 6,但我无权访问其中一台服务器。对于 IIS 7,单击该站点。转到 IIS >错误页面部分。单击添加。输入代码 (401.1) 并为其指定网站页面的路径。确保匿名者可以访问该页面。
您还可以在 web.config 中处理此问题(请参阅 Microsoft Docs 了解更多详细信息):
在 web.config 的错误部分中执行以下操作(作为示例):
我不知道您是否可以使用 .aspx 页面来实现此目的,但它确实看起来像这样。然而,它们可能必须是完全独立的。
有关
HttpResponse.SubStatusCode
的 Microsoft 文档为Some response types aren't passed to .NET for processing. Instead, they have to be handled at the IIS level. If you want a different page based on the response, then you need to go to IIS Manager and find the section that controls Error Pages (it's different depending on the IIS version you are using).
Then add the status code you want to capture and give it the page you want the browser to be directed to.
I know you mentioned IIS 6, but I don't have access to one of those servers. For IIS 7, click on the site. Go to the IIS > Error Pages section. Click Add. Type in the code (401.1) and give it a path to a page on your site. Make sure that page is accessible for anonymous.
You can also handle this in your web.config (see Microsoft Docs for more details):
In the errors section of your web.config do the following (as an example):
I don't know if you can use .aspx pages for this, but it sure looks like it. However, they will probably have to be completely self-contained.
Microsoft documentation on
HttpResponse.SubStatusCode
is on MSDN. According to them it ONLY works on IIS 7, .NET 3.0+, and when using the Integrated Pipeline mode. This might be a bit restrictive depending on your app.