I submitted this ticket and was told I should post the problem in the forums. Can anyone figure out why I'm doing the right thing (according to support) but not getting the right result? Surely using custom error pages isn't that unusual. So why isn't it working? ---------------------------------------------------------- I logged into IIS7 manager & navigated to the password-protected folder (the one I set "deny anonymous users" to). I clicked Error Pages. I added entries for status code 401.1 and 401.2 (the codes that came up when I clicked cancel from the user login prompt on the website). For each I selected "Execute a URL on this site" and typed in the path to the error page. When I did all this, nothing changed. The same user-unfriendly error page came up when I clicked cancel from the user login page on the website. There's an alert on the Error Page config page that says "You have configured detailed error messages to be returned for both local and remote requests. When this option is selected, custom error configuration is not used." So I clicked Edit Feature Settings and changed Detailed errors to Custom errors, and I set the default page to the same one I set in the 401.1/401.2 entries (along with Path type to Execute URL). As a consequence of doing that, the login did not come up. When I clicked the link that points to the page in the password-protected folder, I went straight to the error page (the one I specified in Feature Settings). There was no user prompt -- just the error page. When I switched the settings back to Detailed errors, I got the login prompt but not the custom error page (same as before). Shouldn't I be able to have both a custom error page AND the login prompt? I find it odd that changing the error page settings took away the login. Site: http://asghoust.w05.Winhost.com/ Protected folder: /member_services/newsletter/newsletter_secure Error page: /member_services/newsletter/error.aspx BTW, the login itself works fine. When I enter the correct username/pw, it's peachy.
I read this thread: http://forum.Winhost.com/showthread.php?t=7578 And I changed the status code settings to a file (.htm) instead of executing a URL (.aspx). Now I get a somewhat less user-unfriendly page. Instead of a page full of technical details, I get a big white page with this at the top: "You do not have permission to view this directory or page." That is not the new .htm page that I set up, btw. I don't know where this big white error page came from. I also tried going into Feature Settings and changing from a URL to a file. No difference. Still the big white page and not my error page. I tried moving my error page into the root. No difference. I read this page: http://msdn.microsoft.com/en-us/library/h0hfz6fc(v=vs.71).aspx And I went into Web.config and modified in the example code that was already in the file but commented out. No difference. I still get the big white page instead of my error page.
Typically when you get this error "You do not have permission to view this directory or page." it means you do not have directory browsing enabled. And if you have do not have a startup page for your web service to pull up on than it just shows a white page. First make sure you have a default startup page to show. Make sure on your root you have a file such as default.asp, index.asp, or index.aspx, or default.aspx. Try looking at the this thread from our community forum for starting up a default document for your web service. http://forum.Winhost.com/showthread.php?t=7577
Yep, I have a default page set up. If you go to www.asghouston.org, the page index.aspx will automatically come up. How does directory browsing fit into things? I want the password-protected folder to NOT be browse-able (except by the users who have the login) so should I disable directory browsing on it? FWIW, I checked the settings for that folder, and it's currently enabled.
If you have it password protected that should also pop up the server login so that you input some kind of user name you may have created in the Winhost control panel. But once you are logged in, then it will go through the normal process. So if you do not have a default page for the system to pull up and you have directory browser disabled you will need to setup a default page. Now if you say that the index page is pulling up correctly then I am not sure what you are getting this error message. The best thing to do right now is give us a URL and a way to replicate it so we may understand your situation much more clearer.
Here's the main URL: http://www.asghouston.org Here’s the password-protected directory: http://www.asghouston.org/member_services/newsletter/newsletter_secure/newsletter_files.aspx If you click that link, you will see a login window come up. If you click cancel, you will see a big white error (BWE) page that says “You do not have permission to view this directory or page.” Currently newsletter_secure has directory browsing enabled and one additional authorization rule (to deny anonymous users). As described previously, I added two error pages for this directory for status codes 401.1 and 401.2. The response action for both is “Insert content from static file into error response.” The file is /error_page.htm (http://www.asghouston.org/error_page.htm – it’s not the same as the BWE page that comes up now). In the Edit Feature Settings dialog box, I have “Custom error pages” and the default path pointing to the error_page.htm. Ideally, I would like the error page to point to an .aspx page, but when I did that, the results were bad. (1) If Detailed error pages was set in Edit Feature Settings, then the default error page (the one that came up before I started mucking around with this) came up. So essentially no change. The default page is a big, text-filled, technical page. (2) If Custom error pages was set in Edit Feature Settings, then clicking the …newsletter_files.aspx link (2nd link from the top) would go straight to the error.aspx page – no login prompt. Also, fyi, the login itself works fine. No problems there. The issue is getting a custom error page to come up when a user clicks "cancel" in the login prompt.
What do you have in your applications web.config file? Are you sure you defined the custom error correctly? Make sure it is "Remarked" out.
Initially the web.config file had the custom error stuff commented out. I un-commented it and edited it, but the custom error page still didn't come up. So I commented everything out again.
For now we should try un-commenting out your custom error handling in your web.config file and test from there. Its difficult to test without starting from the beginning.
This is what I initially put in my web config file (uncommented from before): <customErrors mode="RemoteOnly" defaultRedirect="error_page.htm"> <error statusCode="403" redirect="error_page.htm" /> <error statusCode="404" redirect="error_page.htm" /> <error statusCode="401.2" redirect="error_page.htm" /> <error statusCode="401.1" redirect="error_page.htm" /> <error statusCode="401" redirect="error_page.htm" /> </customErrors> Using IIS Manager, I deleted the custom set up for errors 401.1 and 401.2. When I clicked Cancel from the newsletter login screen, I saw my own error_page.htm. This was an improvement! I'd prefer to see something more similar to my other webpages, which are .aspx, so I created error_access.aspx (as well as the generic error.aspx). I modified the web config file as follows: <customErrors mode="RemoteOnly" defaultRedirect="http://www.asghouston.org/error.aspx"> <error statusCode="401.2" redirect="http://www.asghouston.org/error_access.aspx" /> <error statusCode="401.1" redirect="http://www.asghouston.org/error_access.aspx" /> </customErrors> Then I went into IIS, Error Pages, Edit Feature Settings, and I changed the default path from E:\web\asghoust\error_page.htm (type: File) to /www.asghouston.org/error_access.aspx (Execute URL). Result: The login prompt did not come up. Clicking the link took me directly to error_access.aspx. I tried http://www.asghouston.org/error_access.aspx (Redirect). Same result (no login, straight to error_access.aspx). Final standing: __web config__ <customErrors mode="RemoteOnly" defaultRedirect="http://www.asghouston.org/error.aspx"> <error statusCode="401.2" redirect="http://www.asghouston.org/error_access.aspx" /> <error statusCode="401.1" redirect="http://www.asghouston.org/error_access.aspx" /> </customErrors> __error page settings in IIS__ E:\web\asghoust\error_page.htm __result__ 1. login prompt comes up 2. error_page.htm comes up 3. error_access.aspx does NOT come up Hope that all makes sense.
