Hi Guys
I recently purchased Wingate, one of the requirements is to change the default "Access Denied
You do not have sufficient rights for access to this resource WinGate" page to one that has the company logo and some more test on it.
Can someone please assist ?
Kind Regards,
Jvrsvw
Custom "Access Denied" Page
Moderator: Qbik Staff
6 posts
• Page 1 of 1
- Nev
- WinGate Guru
- Posts: 861
- Joined: Sep 22 03 11:35 pm
- Location: Mudgee ~ NSW ~ Australia
Re: Custom "Access Denied" Page
by adrien » Jul 26 09 5:09 pm
Hi
Just wondering how you'd most like such functionality to operate.
e.g.
1. On what basis would you want to show a custom access denied page
* On any access denied show the same page
* custom pages depending on the nature of the request etc
2. Would you want to be able to put dynamic content into the page? E.g. insert the username / requested URL etc.
3. Would you want this to redirect the user to the error page (easier to deal with embedded images then) or simply serve the page.
4. Would you want customizable pages for other sorts of errors, e.g. connection timeout, host lookup failure, auth failure etc?
We have a lot of this functionality in WinGate 7 already, but that's still a wee way off. WinGate 6's web proxy is now closely aligned to WinGate 7's one, so we could add such functionality a lot more easily. We'd just want to do it in a way that didn't create settings migration nightmares for someone upgrading to 7 later.
Regards
Adrien
Just wondering how you'd most like such functionality to operate.
e.g.
1. On what basis would you want to show a custom access denied page
* On any access denied show the same page
* custom pages depending on the nature of the request etc
2. Would you want to be able to put dynamic content into the page? E.g. insert the username / requested URL etc.
3. Would you want this to redirect the user to the error page (easier to deal with embedded images then) or simply serve the page.
4. Would you want customizable pages for other sorts of errors, e.g. connection timeout, host lookup failure, auth failure etc?
We have a lot of this functionality in WinGate 7 already, but that's still a wee way off. WinGate 6's web proxy is now closely aligned to WinGate 7's one, so we could add such functionality a lot more easily. We'd just want to do it in a way that didn't create settings migration nightmares for someone upgrading to 7 later.
Regards
Adrien
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
Re: Custom "Access Denied" Page
by jvrsvw » Jul 28 09 3:13 am
To start with is basically a page when a blocked site is accessed, that would show company logo and state that this site violates company policy.
I can host the page on IIS or if possible just change the current page with a new one.
Does that make sense ? :)
Thanks
I can host the page on IIS or if possible just change the current page with a new one.
Does that make sense ? :)
Thanks
- jvrsvw
- Posts: 22
- Joined: Jul 25 09 3:48 am
Re: Custom "Access Denied" Page
by ChrisH » Jul 28 09 3:26 pm
jvrsvw
If you have IIS have a look at this thread.
viewtopic.php?f=12&t=26899
While not perfect it is a start nonetheless.
Adrien
My preferences;
custom pages, with dynamic content, with redirect
If you have IIS have a look at this thread.
viewtopic.php?f=12&t=26899
While not perfect it is a start nonetheless.
Adrien
My preferences;
custom pages, with dynamic content, with redirect
Chris H.
- ChrisH
- WinGate Master
- Posts: 388
- Joined: Sep 13 03 1:38 am
- Location: Canada
Re: Custom "Access Denied" Page
by adrien » Jul 28 09 4:11 pm
not sure if those reg values are still used in 6.6 onwards. Can't find them being used in the code.
so looks like I broke that option sorry.
With WinGate 7, policy is a flow-chart, so at any point in the chart for WWW you can specify that you will divert the client somewhere. This then can be based on what they may have requested, time of day, which client, user etc etc etc. You get to decide on the basis for why you may wish to divert.
Once you decide to divert, you get to choose whether you will divert to a http URL, in which case a redirect (302 status) is sent back to the client with the URL you specify (which can be constructed from any available event data - about 100 different parameters you can use to build the URL). If you specify a filename (which can be a script), then WinGate will just serve that back to the client with a 200 status. This may need some work, since it could be problematic for client-side caching, or other request methods (e.g. something other than GET). If the file points to a script, and you've configured WinGate's WWW proxy to say use PHP, then that will be processed, and the result of the script goes back to the client (so you can set response code and headers).
There's also an option to reject (rather than divert) at any point in the flow-chart. The reject option allows you to specify 2 parameters (which can be built) a message title, and a message description. These are used to build a response page from a fixed template. The template in this case is the same as is used in the current error messages in 6.6.2.
So I'm thinking, it would be useful to be able to
a) specify some templates for pages to serve back under certain circumstances: e.g.
* 401 access denied (as a server)
* 407 access denied (as a proxy)
* 503 Gateway error (various reasons: connection timeout, host name lookup failure etc).
could do these like IIS, where there are pages you can specify for e.g. 503.1, 503.2, 503.3 relating to different reasons for a gateway error.
b) have these able to be scripts.
I'm picking you wouldn't want these configurable
* per site?
* per proxy?
* global?
or would you want to be able to override these per site? Starting to get a bit like a HTTP server which has already been invented....
so looks like I broke that option sorry.
With WinGate 7, policy is a flow-chart, so at any point in the chart for WWW you can specify that you will divert the client somewhere. This then can be based on what they may have requested, time of day, which client, user etc etc etc. You get to decide on the basis for why you may wish to divert.
- WinGate 7 sample WWW proxy policy
- sample policy.jpg (86.95 KiB) Viewed 6637 times
Once you decide to divert, you get to choose whether you will divert to a http URL, in which case a redirect (302 status) is sent back to the client with the URL you specify (which can be constructed from any available event data - about 100 different parameters you can use to build the URL). If you specify a filename (which can be a script), then WinGate will just serve that back to the client with a 200 status. This may need some work, since it could be problematic for client-side caching, or other request methods (e.g. something other than GET). If the file points to a script, and you've configured WinGate's WWW proxy to say use PHP, then that will be processed, and the result of the script goes back to the client (so you can set response code and headers).
There's also an option to reject (rather than divert) at any point in the flow-chart. The reject option allows you to specify 2 parameters (which can be built) a message title, and a message description. These are used to build a response page from a fixed template. The template in this case is the same as is used in the current error messages in 6.6.2.
So I'm thinking, it would be useful to be able to
a) specify some templates for pages to serve back under certain circumstances: e.g.
* 401 access denied (as a server)
* 407 access denied (as a proxy)
* 503 Gateway error (various reasons: connection timeout, host name lookup failure etc).
could do these like IIS, where there are pages you can specify for e.g. 503.1, 503.2, 503.3 relating to different reasons for a gateway error.
b) have these able to be scripts.
I'm picking you wouldn't want these configurable
* per site?
* per proxy?
* global?
or would you want to be able to override these per site? Starting to get a bit like a HTTP server which has already been invented....
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
6 posts
• Page 1 of 1
Who is online
Users browsing this forum: Google [Bot] and 0 guests