Custom access denied page

Ian
Ian
Vote:
 

I'm looking to serve up a custom access denied page for specific pages in the CMS, one that does not redirect to the default Optimizely CMS login screen. Previously, I would have implemented a custom IAccessDeniedHandler, but it appears that interface is only available in the Episerver.CMS.AspNet, which cannot be used.

Is there a .NET Core equivalent or should I be approaching this a different way? 

#286458
Sep 01, 2022 11:31
Vote:
 

I posted the same question a month ago about the IAccessDeniedHandler and got to a dead end with it.

What are you trying to achieve? What conditions will trigger the user to be redirected to your access denied page?

#286461
Sep 01, 2022 13:07
Ian
Vote:
 

Essentially, I'm running some custom logic to check for the existence of a session variable as well as a few bits of logic around a page's access control list. If that custom logic returns false, I want to force the user to be redirected to a custom URL, not the default Optimizely login URL -- which is triggered now because the page does not give "everyone" access via the Access Viewer. 

I was previously running this logic in the OnAuthorization event handler with my PageControllerBase, but that has since been removed as well in .NET Core.

#286462
Edited, Sep 01, 2022 13:26
Vote:
 

In which case you might benefit from implementing the IAuthorizationMiddlewareResultHandler.

I blogged about a similiar situation where I wanted the user to be redirected to different login path based what resource they were trying to access:

https://www.hiddenfoundry.com/thoughts/multiple-login-paths-for-optimizely-cms-in-net6/

#286466
Sep 01, 2022 13:50
Ian
Vote:
 

Thank you! I'll definitely check this out.

#286468
Sep 01, 2022 13:54
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.