Try our conversational search powered by Generative AI!

Custom access denied page


I'm looking to serve up a custom access denied page for specific pages in the CMS, one that does not redirect to the default Optimizely CMS login screen. Previously, I would have implemented a custom IAccessDeniedHandler, but it appears that interface is only available in the Episerver.CMS.AspNet, which cannot be used.

Is there a .NET Core equivalent or should I be approaching this a different way? 

Sep 01, 2022 11:31

I posted the same question a month ago about the IAccessDeniedHandler and got to a dead end with it.

What are you trying to achieve? What conditions will trigger the user to be redirected to your access denied page?

Sep 01, 2022 13:07

Essentially, I'm running some custom logic to check for the existence of a session variable as well as a few bits of logic around a page's access control list. If that custom logic returns false, I want to force the user to be redirected to a custom URL, not the default Optimizely login URL -- which is triggered now because the page does not give "everyone" access via the Access Viewer. 

I was previously running this logic in the OnAuthorization event handler with my PageControllerBase, but that has since been removed as well in .NET Core.

Edited, Sep 01, 2022 13:26

In which case you might benefit from implementing the IAuthorizationMiddlewareResultHandler.

I blogged about a similiar situation where I wanted the user to be redirected to different login path based what resource they were trying to access:

Sep 01, 2022 13:50

Thank you! I'll definitely check this out.

Sep 01, 2022 13:54
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.