
Is it better to redirect to a different page/document using HTTP headers or to incorporate a dynamic message to inform users of denied access?


I would like to know what is the best practice for informing a user that their access attempt was denied. I realize there are probably more options, but these are the methods I'm considering:

  1. Inform a user on a dedicated "Access Denied" page reached when my script redirects them via header("Location:")
  2. Inform a user in a message in the requested dynamic page

I'd like to know the pros vs cons. Currently I can come up with these:

  1. Pro for redirection : possibly more obfuscated?
  2. Pro for message in requested page : less requests on the HTTP server?

Solution

  • Redirect to an error page or an error controller/action in the current request (if you are using some MVC structure).

    And also make sure that you send the correct HTTP headers (code 401 is the right one for access denied) so that a search robot or similar understands what's going on.

    1. Pro for redirection : possibly more obfuscated?

    What's the point of obfuscating?

    2. Pro for message in requested page : less requests on the HTTP server?

    Nearly all your traffic will be used by serving content that isn't access denied pages. So I don't really think that's a reason to decide for the one or the other. It's not like users will be F5-hammering on sites they can't access anyway.

    EDIT: To summarize: It doesn't really make a difference, but if you can, try not to redirect, and make sure that the proper headers are sent.

    EDIT2: As James Wheare pointed out in the comments, it's against the HTTP spec to redirect to an error page. In other words: Do not redirect, but print the error directly on the page where it occurred along with the proper headers.
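
An added example, not part of the original answer: one way to deny access in place, on the requested URL, with the status code set and no `Location:` redirect. It goes slightly beyond the answer by separating 401 (no credentials, which must carry a `WWW-Authenticate` challenge) from 403 (logged in but not permitted). The function names, the `$_SESSION['user']` shape, the `admin` role and the `Basic realm="members"` challenge are assumptions for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Decide the response for a protected page without redirecting.
 * Returns [status, extra headers, message]; kept free of side effects so it can be unit tested.
 * $user is null for an anonymous visitor (hypothetical session shape).
 */
function access_decision(?array $user, string $requiredRole): array
{
    if ($user === null) {
        // Not authenticated: a 401 must include a WWW-Authenticate challenge.
        // The scheme and realm here are assumed; use whatever scheme the site really accepts.
        return [401, ['WWW-Authenticate: Basic realm="members"'], 'Please log in to view this page.'];
    }
    if (!in_array($requiredRole, $user['roles'] ?? [], true)) {
        // Authenticated but not allowed: 403, and re-sending credentials will not help.
        return [403, [], 'You do not have permission to view this page.'];
    }
    return [200, [], ''];
}

/** Emit the denial on the requested URL itself and stop the script. */
function enforce_access(?array $user, string $requiredRole): void
{
    [$status, $headers, $message] = access_decision($user, $requiredRole);
    if ($status === 200) {
        return;
    }
    http_response_code($status);          // the status a crawler or API client will see
    foreach ($headers as $line) {
        header($line);
    }
    header('Cache-Control: no-store');    // keep shared caches from storing the denial
    header('Content-Type: text/html; charset=utf-8');
    echo '<h1>Access denied</h1><p>'
        . htmlspecialchars($message, ENT_QUOTES, 'UTF-8') . '</p>';
    exit;                                 // nothing below this call is rendered
}

// Usage at the top of a protected script (constructed session data).
session_start();
enforce_access($_SESSION['user'] ?? null, 'admin');
echo 'Protected content';
```

The `exit` matters as much as the status code: without it the script keeps running after the headers are sent and the protected content is still written into the response body.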