Tech Tip : How to display the requested resource URL in the authorization reject error page

TechTip
How to display the resource URL the user was trying to accesss in the authorization reject error page

 

INSTRUCTIONS:
  • Create a Variable of type ResourceContext as below. This stores the last accessed resource URL.Variable-ResourceContext
  • Create Response with the following two attribute :

WebAgent-OnReject-Redirect = URL where you would like the user to be redirected after Authorization Reject.

WebAgent-OnReject-Text = Configure this to read the value of the Variable created earlier. This will create a SMTEXT cookie response which will have the value of the Resource URL.

OnAccesRejectRedirect_Response

OnRejectText

OnRejectRedirect_ResponseAttribute

  • Create OnAccessReject rule for the root resource.OnAccessReject_Rule
  • Associate the OnAccessReject rule with the Response created above. OnAccessRejectPolicy_UsersOnAccessRejectPolicy_Rule
  • Configure the AZ redirect page to read the value from SMTEXT cookie :

(Below sample use class ASP )

<table border="1">
<h1 style="color:red;"> You are not authorized to access resource : <%=Request.Cookies("SMTEXT")%> </h1>

<%
for each x in Request.ServerVariables
response.write(x & " = " & Request.ServerVariables(x) & "<br />")
next
%>

</table>
</body></p>
<p style="padding-left: 30px;">

TESTING:

  1. Access resource which the user is not authroized for.AzReject
  2. Sample fiddler : 
  3. Sample fiddler + accessdenied.asp : fiddler_azrejectpage

 

Leave a Reply