HttpModule events - intercept sharepoint redirect to accessdenied.aspx

For my SharePoint setup I have a a specific user group that does not have access to the frontpage of the site. If they visit it directly, they get the standard "Access denied" page from SharePoint.

I am developing a HttpModule that intercepts visit to the frontpage, checks the current user and redirects him to the sub-site they have access to.

I first tried using the PostAuthorizeRequest, but it seems SharePoint triggers on an earlier event and still redirects to the Access Denied page. I have tested with a user that had access to the frontpage but still be redirected, and there the redirect works fine.

Which event do I need to capture to be able to get the user after they've entered username/password but before SharePoint redirects them?

Instead of catching an "unauthorized" event in your code, I suggest that you go with custom errors. When a user is redirected to the Access denied page, SharePoint is actually throwing an error with the error code "401" (for unauthorized).

In your web.config you can configure the behavior of your application for the 401 errors. If you've ever done an custom error page on a web app, it's the same thing. Look for the CustomError node in your web.config and modify it to something like this :

<customErrors mode="On" defaultRedirect="~/_layouts/CustomErrorPage.aspx">
  <error statusCode="401" redirect="~/_layouts/AccessDeniedPage.aspx" />
</customErrors>

Then create your CustomErrorPage.aspx and your AccessDeniedPage.aspx and deploy them to the 12 hive.

In the code behind of these pages, you can override the PageLoad event to redirect them wherever you want to :

protected void Page_Load(object sender, EventArgs e)
{
    bool isLogged = HttpContext.Current.User.Identity.IsAuthenticated;
    Response.Redirect("wherever");
}

Note that at this point you will still have access to the SPContext object if you need it (and i'm assuming you will want to write specific code depending on the group membership of the user).

This is not a SharePoint specific behavior. All ASP.NET apps work that way. Using a site-wide configuration will allow you to only run your code when it needs to run (i.e. when the access is denied) instead of checking for permissions on every page load or something like that.

Redirecting to custom 401 page when "Access denied" occures , Instead of catching an "unauthorized" event in your code, I suggest that you go with custom errors. When a user is redirected to the Access denied page,  HttpModule events - intercept sharepoint redirect to accessdenied.aspx. For my SharePoint setup I have a a specific user group that does not have access to the frontpage of the site. If they visit it directly, they get the standard "Access denied" page from SharePoint.

As in SharePoint 2013 we have Bug for configuring Custom Access Denied Page, Explained here how to implement using HTTPModule.

Create HTTPModule Step Wise - Explained with CustomAccessDenied Page in SharePoint 2013

Intercepting sharepoint open document request, How to replace the default ASP.NET "Access denied" page? NET Framework · Android · iOS · Mobile · SharePoint · Silverlight / WPF Try to catch an unauthorized request in one of the application events in Global.asax.cs: If you intercept the 401 and redirect somewhere, you hijack the browser's ability to challenge. My issue is: In Sharepoint 2010 after user create site, at first I need to redirect user to my custom page and not to redirect user to url of new site. I created event reciever for web and tried site after creating to redirect on my page with using SPUtility.Redirect():

Use the SPSecurity.SuppressAccessDeniedRedirectInScope method that is available in the API to prevent SharePoint out of the box redirection. Example of usage - wrap your code in this snippet:

using (SPSecurity.SuppressAccessDeniedRedirectInScope scope = new SPSecurity.SuppressAccessDeniedRedirectInScope()) {
try{
catch (UnauthorizedAccessException ex){
}
}

IT Security Policy Management Usage Patterns Using IBM Tivoli , 3- If user doesn't have permissions, transfer request to access denied page. My question is: Is there any way to do this (with or without the httpmodule )?. Current​  In this article I would like to take you through deploying an HTTP module in SharePoint 2013. Scenario Redirect users from accessing the Site Contents page (viewlsts.aspx). Procedure Open Visual Studio and create a Class Library project. Add a reference to the System.Web library. Replace the class file with the following code where:

Redirection, NET, for example, as a SharePoint WebPart or within an ASPX page. IIS integration with the SharePoint Authorization HTTP Module Integrating at the IIS This setup provides interception of requests during the processing, in which custom of the original request, such as redirection to an access denied or error page. It depends on what module event your module handler hooks. Some events fire sooner than others. BeginRequest most likely fires for both, but anything closer to the actual HttpHandler's execution (ie the ASPX Page Handler) won't fire because the request actually is redirected via URL Routing.

INFO: ASP.NET HTTP Modules and HTTP Handlers Overview, Redirecting http to https in SharePoint with AAM http://www.contoso.com/​SubSite/Lists/TestList/DispForm.aspx? Rule2: deny select ip startwith “192.168​” for A and C user -> Redirect to access denied page This HTTPModule Intercepts the Application Cycle, and performs a 301 Redirect to the domain The sample project has only a few relevant lines of code in the Application_EndRequest event of Global.asax.cs. The page default.aspx is accessible only to authorized Windows users. If access is denied the page PublicArea/AccessDenied.aspx will be called.

‍ Vector pointer to objects, you need a deep copy of the vector, but , This article provides an introduction to the ASP.NET HTTP modules and HTTP handlers. Modules enable developers to intercept, participate in, or modify An HttpApplication class provides a number of events with which 308000 HOW TO: Create an ASP.NET HTTP Module by Using Visual Basic .NET. Create a custom httpModule and install it on your Sharepoint site that remaps which .Master pages your pages use. If you aren’t familiar with httpModules, fear not, they are extremely simple. The httpModule sits in the middle of the http request processing stream and can intercept page events when they initialize.