I have an application which provides custom content on HTTP 401. The authorization filter which inherits from AuthorizeAttribute contains a method like this:
protected override void HandleUnauthorizedRequest(
AuthorizationContext filterContext)
{
filterContext.HttpContext.Response.Clear();
filterContext.HttpContext.Response.StatusCode =
(int)HttpStatusCode.Unauthorized;
filterContext.HttpContext.Response.Write("Custom content goes here.");
filterContext.Result = new HttpUnauthorizedResult();
}
When running the application locally and hitting a protected resource, the custom content is displayed successfully.
Once deployed to Windows Azure, the application simply displays:
You do not have permission to view this directory or page.
The header is still correct HTTP/1.1 401 Unauthorized, but the content I've set is gone.
How to prevent Azure from interfering with my application and pass-through the content from Responde.Write through HTTP down to the client?
As with IIS, adding:
filterContext.HttpContext.Response.TrySkipIisCustomErrors = true;
solves the issue. With this directive, the custom content is now shown to the client.