URL授权被拒绝后，如何停止登录提示？ [英] How can I stop the login prompts after URL Authorization has been denied?

问题描述

您好，

web.config或IIS 7设置中是否有一种方法可以停止登录提示，并且只是在因URL授权规则被拒绝时强制用户出现401错误？



现在它成功地限制了对页面的访问，但是在你点击取消之前没有显示401 - 未经授权：由于凭证无效而拒绝访问错误登录提示。



使用Windows 2008 R2，IIS 7.5，Windows身份验证，模拟和URL授权。


$下面的b $ b是我的web.config文件的样子...

Hello,
Is there a way within web.config or IIS 7 settings that will stop the login prompts and just force the user to the 401 error upon being denied due to URL Authorization rule?

Right now it successfully restricts access the page, but doesn't display the "401 - Unauthorized: Access is denied due to invalid credentials" error until after you click cancel on the login prompt.

Using Windows 2008 R2, IIS 7.5, Windows Authentication, Impersonation, and URL Authorization.

below is a sample of how my web.config file looks like...

<?xml version="1.0" encoding="UTF-8"?> 
<configuration> 
    <system.webServer> 
        <security> 
            <authorization> 
                <remove users="*" roles="" verbs="" /> 
                <add accessType="Allow" roles="iis7test\BobAndFriends" />             

            </authorization> 
        </security> 
    </system.webServer> 
    <location path="bobsSecret.aspx"> 
        <system.webServer> 
            <security> 
                <authorization> 
                    <remove users="" roles="iis7test\BobAndFriends" verbs="" /> 
                    <add accessType="Allow" users="iis7test\Bob" />                  

                </authorization> 
            </security> 
        </system.webServer> 
    </location> 
</configuration> 

推荐答案

可能是以下链接对您有帮助< br $> b $ b

http://stackoverflow.com/questions/217678/how-to -generate-an-401-error-programatically-in-an-asp-net-pages [ ^ ]

may be following link is helpful to you

http://stackoverflow.com/questions/217678/how-to-generate-an-401-error-programatically-in-an-asp-net-page[^]

通过使用httpErrors解决web.config中。该网站现在重定向到自定义错误页面，并且不会提示3次Windows凭据。

Solved by using httpErrors in web.config. The site now redirects to the custom error page and does not prompt for windows credentials 3 times.

<system.webServer>
   <httpErrors errorMode="DetailedLocalOnly" defaultResponseMode="File">
     <remove statusCode="401" />
     <error statusCode="401" path="/AccessDenied.aspx" responseMode="ExecuteURL" />
   </httpErrors>
 </system.webServer>

这篇关于URL授权被拒绝后，如何停止登录提示？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！