The problem is that CAS sends me a USERNAME, but the user is not in UserRoles.xml...

2014-02-21 15:59 GMT+01:00 Scott <[email protected]>:

> Typically when you aren't authorized to access a page, ASP.NET redirects
> you to the login page again, which is kind of a weird choice in my opinion.
> With gateway authentication enabled, you could get caught in a redirect
> loop. You'd get redirected to the CAS server, it would see that you're
> already authenticated, kick you back to the .NET login page. The .NET
> login page would redirect you to the page you aren't authorized to access,
> which would restart the loop.
>
> We added an option in the casConfiguration in web.config which I believe
> is called notAuthorizedUrl. If you end up accessing a page that you aren't
> authorized to access, you get redirected there. It's crucial that your
> authorization rules don't restrict access to that page. Other than that,
> you can customize that page however you like.
>
> -Scott
>
> On Fri, Feb 21, 2014 at 5:17 AM, davidinho <[email protected]> wrote:
>
>> Hi, I'm using the example for .net client. (ExampleWebSite)
>> For USER not authorized I'm getting the following error...
>> I wish I could redirect to a specified webpage where a friendly message
>> says: You are not authorized to view this page.
>> Can anyone help me?
>> David
>>
>> Invalid user name
>> Description: An unhandled exception occurred during the execution of the
>> current web request. Please review the stack trace for more information
>> about the error and where it originated in the code.
>>
>> Exception Details: System.Configuration.Provider.ProviderException: Invalid user name
>>
>> Source Error:
>>
>> Line 128:
>> Line 129: // Return role names
>> Line 130: return roles;
>> Line 131: }
>> Line 132:
>>
>> Source File: e:\CAS_Dev\App_Code\ReadOnlyXmlRoleProvider.cs Line: 130
>>
>> Stack Trace:
>>
>> [ProviderException: Invalid user name]
>> Example.ReadOnlyXmlRoleProvider.GetRolesForUser(String username) in e:\CAS_Dev\App_Code\ReadOnlyXmlRoleProvider.cs:130
>> System.Web.Security.RolePrincipal.IsInRole(String role) +12321845
>> System.Web.Configuration.AuthorizationRule.IsTheUserInAnyRole(StringCollection roles, IPrincipal principal) +192
>> System.Web.Configuration.AuthorizationRule.IsUserAllowed(IPrincipal user, String verb) +233
>> System.Web.Configuration.AuthorizationRuleCollection.IsUserAllowed(IPrincipal user, String verb) +241
>> System.Web.Security.UrlAuthorizationModule.OnEnter(Object source, EventArgs eventArgs) +12673420
>> System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +80
>> System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +165
>>
>> --
>> View this message in context:
>> http://jasig.275507.n4.nabble.com/NET-client-example-webpage-tp4662014.html
>> Sent from the CAS Developers mailing list archive at Nabble.com.
>>
>> --
>> You are currently subscribed to [email protected] as:
>> [email protected]
>>
>> To unsubscribe, change settings or access archives, see
>> http://www.ja-sig.org/wiki/display/JSG/cas-dev
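
The redirect setting Scott describes, as an added web.config fragment that is not part of the original thread or the project's sample site. It assumes the .NET CAS client's `casClientConfig` section; the page name `NotAuthorized.aspx`, the `Admin` folder, the `Administrators` role and all `example.org` URLs are placeholders, and the HTTP module registration is omitted.

```xml
<configuration>
  <configSections>
    <section name="casClientConfig"
             type="DotNetCasClient.Configuration.CasClientConfiguration, DotNetCasClient" />
  </configSections>

  <!-- Placeholder URLs: substitute your own CAS server and site. -->
  <!-- notAuthorizedUrl is where an authenticated but unauthorized user lands,
       instead of being bounced back to the login page. -->
  <casClientConfig
      casServerLoginUrl="https://cas.example.org/cas/login"
      casServerUrlPrefix="https://cas.example.org/cas/"
      serverName="https://app.example.org/"
      notAuthorizedUrl="~/NotAuthorized.aspx"
      gateway="false"
      ticketValidatorName="Cas20" />

  <system.web>
    <authentication mode="Forms">
      <forms loginUrl="https://cas.example.org/cas/login" cookieless="UseCookies" />
    </authentication>
    <!-- Site default: every page requires an authenticated user. -->
    <authorization>
      <deny users="?" />
    </authorization>
  </system.web>

  <!-- Hypothetical restricted area guarded by a role rule. -->
  <location path="Admin">
    <system.web>
      <authorization>
        <allow roles="Administrators" />
        <deny users="*" />
      </authorization>
    </system.web>
  </location>

  <!-- The not-authorized page must not be covered by any role restriction,
       otherwise the redirect target itself is denied and the loop returns. -->
  <location path="NotAuthorized.aspx">
    <system.web>
      <authorization>
        <allow users="*" />
      </authorization>
    </system.web>
  </location>
</configuration>
```

The stack trace in the quoted message shows the exception being raised inside `GetRolesForUser` while the authorization rules are evaluated, so this redirect only applies once the role provider returns a result for a user that is missing from UserRoles.xml rather than throwing.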
