Click here to Skip to main content
13,003,934 members (129,084 online)

How can I stop the login prompts after URL Authorization has been denied?

Tyson3264 asked:

Open original thread
Is there a way within web.config or IIS 7 settings that will stop the login prompts and just force the user to the 401 error upon being denied due to URL Authorization rule?

Right now it successfully restricts access the page, but doesn't display the "401 - Unauthorized: Access is denied due to invalid credentials" error until after you click cancel on the login prompt.

Using Windows 2008 R2, IIS 7.5, Windows Authentication, Impersonation, and URL Authorization.

below is a sample of how my web.config file looks like...

<?xml version="1.0" encoding="UTF-8"?> 
                <remove users="*" roles="" verbs="" /> 
                <add accessType="Allow" roles="iis7test\BobAndFriends" />             
    <location path="bobsSecret.aspx"> 
                    <remove users="" roles="iis7test\BobAndFriends" verbs="" /> 
                    <add accessType="Allow" users="iis7test\Bob" />                  
Tags: C#, Windows (Win2008-R2), ASP.NET, IIS (IIS7), Authentication


When answering a question please:
  1. Read the question carefully.
  2. Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
  3. If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Let's work to help developers, not make them feel stupid.
Please note that all posts will be submitted under the The Code Project Open License (CPOL).

Advertise | Privacy | Mobile
Web02 | 2.8.170627.1 | Last Updated 26 Mar 2009
Copyright © CodeProject, 1999-2017
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100