Five New Optimizely Certifications are Here! Validate your expertise and advance your career with our latest certification exams. Click here to find out more
AI OnAI Off
Redirect user to specific page if unauthorised
Hi Sam
You could try replacing the default implementation of EPiServer.Web.IAccessDeniedHandler with your own implementation.
Be aware that AJAX requests and static file requests will not expect to be redirected on failure. So you might want to keep sending 401 status for those requests.
Apr 26, 2020 5:38
The solution posted by @Setfan Holm Olson is the best approach, however i found that this did not work for my website as we are using AD for the admin authentication as outlined in this guide:
https://world.episerver.com/documentation/Items/Developers-Guide/Episerver-CMS/9/Security/integrate-azure-ad-using-openid-connect/
If you are using this approach then you will need to add code to the startup.cs file as the 401s won't reach the AccessDeniedHandler.
May 01, 2020 17:26
This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.
I am building a website and we are using a virtual role to restrict access to certain parts of the site. I have tested this and it works correctly but now I just get a 401 error page when I go to one of the pages and IsInVirtualRole returns false. What I would like to do is redirect the user to a specific login page if they are unauthorised to view a page due to not being in this specific virtual group.
How can I do this?