As mentioned in this article, the easiest way is to override AccessDenied() in your templates or base class for your templates.
public override void AccessDenied() { // Important! Do not access CurrentPage directly with an anonymous user PageData currentPage = DataFactory.Instance.GetPage(this.CurrentPageLink); if (!this.IsEditOrPreviewMode && (!currentPage.CheckPublishedStatus(PagePublishedStatus.Published) || currentPage.IsDeleted)) { Response.Status = "404 Not Found"; Response.StatusCode = 404; Response.End(); } base.AccessDenied(); }
Hello Simon
I wrote about a similar approach to this: http://world.episerver.com/forum/developer-forum/-EPiServer-75-CMS/Thread-Container/2014/8/Display-Insufficient-Permission-Messaging-instead-of-redirecting-to-login/
Let me know if it helps
David
Hi David,
Unfortunately neither of those solutions work for me (site is aspx based).
After some further investigation it seems the reason Visual Studio won't accept the override code is that the method simply doesn't exist. I'm looking at my base pagetype class (this is not a project I started myself. It's an existing client one) and it extends TypedPageData, which is a class in the PageTypeBuilder package. It doesn't extend PageBase (which has the AccessDenied method). I'm pretty new to EpiServer, so I'm still getting used to how it all works but this seems to be the reason why the above methods do not work.
So if anyone knows how to implement an AccessDenied on PageTypeBuilder based pagetypes I'd be very glad to hear them.
Apologies Simon, should have checked the forum thread properly and seen you are on CMS 6 R2! You need to override the AccessDenied method in the rendering template, not on the pagetype itself. Can you paste an example of your template and base page type?
David
For reference your base page should look something like this:
public class SiteBasePage<TPageType> : TemplatePage<TPageType> where TPageType : TypedPageData { public override void AccessDenied() { //Do your work here } //Other code }
and your template page should look something like this:
public partial class YourPageTemplateName : SiteBasePage<YourPageTemplatePageType> { //Other code }
Hi David
We realised we had more base templates (for things like composer pages and such) so we're created a new class that implements the above AccessDenied method and inherits our basecomposer. Then we've switched the composer templates to inherit from the new class, to save us putting that method in on every template. Same for the other base templates.
This is working now, thank you.
Hi
At present, at unpublished page goes to the log in screen. This still means Google is still picking it up in their results, which we do not want.
I've looked at some previous solutions which involved either overiding the AccessDenied() method or HandleAccessDenied().
This is what I'm using in HandleAccessDenied:
With HandleAccessDenied() in global.asax is it seems the code doesn't get fired when looking at an unpublished page (logged in or not), so this does not seem to help me on that front.
AccessDenied(), I've tried implementing the code from this article:
http://world.episerver.com/forum/developer-forum/EPiServer-CMS-6-CTP-2/Thread-Container/2013/10/Visitors-get-redirected-to-EPi-login-page-when-visiting-expired-page/
And not getting much joy. It doesn't seem to work in our pagetypebase class (in our entities project), with it being unable to see the AccessDenied methods to override and unable to resolve the various symbols contained within the code. I do have a TemplateBageBase class, in the web project, which the code works with, but only a handful of the pages use that class and I don't appear to have others that I could try (also it seems the TemplatePageBase is derived from PageTypeBase - but as said, that doesn't like the code there).
Please help as I feel I'm going round in circles with this. ;)