Handle windows authentication login popups Cancel click RRS feed

  • Question

  • User1590423150 posted



    I have simple web application called App that is secured with Windows Authentication. I have set identity impersonate to true in web.config. There is only one page (Default.aspx) in App directory. When user enters the site ex.: http://localhost/App the login window pops up. When user clicks Cancel, IIS redirects to page with an error 401.2. I want to redirect to http://localhost/App/app_start/login.aspx. App_start is an aplication that is secured with Forms Authentication. I tried to handle programmatically the redirection by adding Application_EndRequest method in Global.asax file. But when user clicks Cancel the Application_EndRequest is not being fired. When user successfully logs in the method is being fired. Is there any way to handle error 401.2 programmatically or maybe in a different way?

    Application_EndRequest code:

    if (Response.StatusCode == 401)



         Response.Write("You don't have access to content.");

    The web.config file of App application:

    <?xml version="1.0" encoding="UTF-8"?>
        <compilation debug="true" targetFramework="4.0" />
        <authentication mode="Windows" />
        <identity impersonate="true" />
        <machineKey decryptionKey="hidden from forum" validationKey="hidden from forum" />

    Thanks for help.


    Wednesday, November 3, 2010 5:12 AM


  • User-322036075 posted


    This is a custom module using HTTP.


    Remember, authentication is handled before ASP.NET even starts to render a or run code on a page. If the user is prompted for authentication and access is denied, this is at the IIS level.

    So you can either create a custom HTTP handle as Josh did above and run all requests through it


    create a custom IIS error page for 401.2.


    • Marked as answer by Anonymous Tuesday, September 28, 2021 12:00 AM
    Tuesday, November 9, 2010 8:38 AM

All replies