I'm currently using the httplistener authenticationselector delegate to do windows auth and ip checking and it's working brilliantly in that it denies and allows exactly the clients it should be.
However, the problem is that when someone gets denied, they get a 403 http response which seems to be interpreted by most browsers as a blank screen. What I would like to do is send a message back saying something like "access denied: your ip has been whitelisted".
Is this possible?
A snippet of the delegate is below (which works perfectly at the moment).
AuthenticationSchemeSelector pIPChecker = pRequest =>
{
if (!pfunIPChecker(pRequest.RemoteEndPoint.Address))
{
LogHelper.writeToEventLog(
"WARNING, BANNED IP: " + pRequest.RemoteEndPoint.Address.MapToIPv4().ToString() + "attempted to login",
EventLogEntryType.Warning,
LogHelper.EventLogID.PermissionFailure);
return AuthenticationSchemes.None;
}
return AuthenticationSchemes.Anonymous;
}
As X39 pointed out, the only way to do this seems to be not to use the Authenticator delegate, and instead actually read in the request as normal, and send back a 403 with the content you desire.