We figured it out, thanks to Bob's reply.
The setting:
<location path="Security">
<system.web>
<authorization>
<allow users="*">
</allow>
</authorization>
</system.web>
</location>
Overwrite any setting previously described in the web.config
file, therefore overwrites the <customErrors
mode="Off" /> and assumes the default value,
showing the exception in the browser.
The following corrects the problem and allows the
Application_error to be triggered:
<location path="Security">
<system.web>
<authorization>
<allow users="*">
</allow>
</authorization>
<customErrors mode="Off" />
</system.web>
</location>
Thanks,
Lizet
-----Original Message-----
From: Discussion of building .NET applications targeted for
the Web [mailto OTNET-WE
B DISCUSS.DEVELOP.COM] On Behalf Of Pena, Lizet
(Consultant)
Sent: Tuesday, November 14, 2006 1:38 PM
To: DOTNET-WEBDISCUSS.DEVELOP.COM
Subject: Re: [DOTNET-WEB] Server.GetLastError and the
Application_Error event not working on certain pages
Thanks for the reply.
The login form happens to be in a folder that does have that
location setting in the web.config. It is a matter of
allowing access to that folder, and due to organizational
settings the login page happens to be in that folder. Our
main problem is regarding any aspx page that is on that
folder.
Why the location setting changes whether an exception is
caught by the global error handler or not, does it define a
new application domain?
Thanks again,
Lizet
-----Original Message-----
From: bobu21comcast.net [mailto:bobu21comcast.net]
Sent: Tuesday, November 14, 2006 1:22 PM
To: Discussion of building .NET applications targeted for
the Web; DOTNET-WEBDISCUSS.DEVELOP.COM
Cc: Pena, Lizet (Consultant)
Subject: Re: [DOTNET-WEB] Server.GetLastError and the
Application_Error event not working on certain pages
I don't think you need to have the login page identified in
a location element in web.config. If you are using forms
authentication, you should be able to do the following:
<authentication
mode="Forms">
<forms
requireSSL="false"
slidingExpiration="true"
loginUrl="login.aspx"
name="AuthenticationTicket"
protection="All"
timeout="20" />
</authentication>
and
<authorization>
<deny users="?" />
<allow users="*" />
<!-- Allow all users -->
</authorization>
in which case an exception would get caught by the global
error handler.
Bob
-------------- Original message ----------------------
From: Lizet Pena de Sola <Lizet.PenaCIT.COM>
> Hello all,
>
> We have the unhandled exception treatment in our
Global.asax file
> (ASP.NET 1.1) all the pages that require authentication
show the proper
> behavior when an unhandled exception is thrown, this
is, the
> Application_Error event is triggered and the
Server.GetLastError has the
> value of this exception.
>
> However whenever there is an unhandled exception on the
pages that are
> not marked as secured, such as the login.aspx page, the
> Application_Error event never happens.
>
> This pages are affected by the following configuration
settings in the
> web.config file:
>
> <location path="Security">
>
> <system.web>
>
> <authorization>
>
> <allow users="*">
>
> </allow>
>
> </authorization>
>
> </system.web>
>
> </location>
>
> Is this a normal behavior or I'm missing a
configuration issue?
>
> Thanks in advance,
>
> Lizet
>
>
> ===================================
> This list is hosted by DevelopMentor� http://www.develop.com
>
> View archives and manage your subscription(s) at http://discuss.develop.com
===================================
This list is hosted by DevelopMentor® http://www.develop.com
View archives and manage your subscription(s) at http://discuss.develop.com
===================================
This list is hosted by DevelopMentor® http://www.develop.com
View archives and manage your subscription(s) at http://discuss.develop.com
|