I'm making an ajax call and if the user is not an admin, i want to throw an error of type 401 - unauthorized and then let the web.config redirect the user to my access denied page:
<customErrors mode="On">
<error statusCode="500" redirect="~/InternalError.html"/>
<error statusCode="401" redirect="~/AccessDenied.aspx"/>
</customErrors>
As you can see, i have a type 500 - internal server error to handle other errors. But when i run this code:
if (user.Type != AppUser.UserType.SystemAdministrator)
{
throw new HttpException((int)HttpStatusCode.Unauthorized, "Unauthorized");
}
web.config thinks a 500 is thrown and shows InternalError.htm instead of AccessDenied.aspx. How do i tell my ASP.NET application to throw a 401 instead of a 500, so the correct error page will be shown?
This is not MVC.
Set the Response.StatusCode instead and it will trigger the redirect.
Alternatively, you can use the below: