You are not authorized to 'View a page'
This has happened to me twice and I have been unable to recover from it.
I set the permission for all pages to deny Anonymous. A few runs later (perhaps caching is going on) and I get the following error. I had to delete the project and start over to fix it.
An additional thing is that this likes to start happening when I set a custom membership provider in the web.config. The provider works with a basic ASP.NET website, but only has the ValidateUser method implemented. (but that works fine with the basic web project)
A few questions:
1) Shouldn't unauthenticated users be redirected to the login page instead of blowing up?
2) Is setting to "deny all to anonymous" insta-death and that is expected?
3) If so, what should we do instead in order to setup a website where no one has access except to the login page?
4) If this happens, what tables do I have to hack to undo it?
5) Is it possible to just turn off whatever caching is going on so that changes I make can be directly tested without multiple restarts?
6) Does sitefinity 4.0 support custom membership providers yet?
7) Is there a tutorial somewhere how to setup one in 4.0?
8) The backend (/Sitefinity/ directory) seems to expect a method in the provider called "GetUsers" which doesn't exist in the Microsoft MembershipBase. Do I need to implement a different abstract base class to get it to work? Perhaps something in a Sitefinity .dll? I tried inheriting SitefinityMembershipProvider but it doesn't have that method either. I see OpenAccessMembershipProvider and it does have this method, but I was unable to implement this class successfully.
Thank you,
John.
Server Error in '/' Application.
--------------------------------------------------------------------------------
You are not authorized to 'View a page' ('Pages').
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.UnauthorizedAccessException: You are not authorized to 'View a page' ('Pages').
ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically MACHINE\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.
To grant ASP.NET access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[UnauthorizedAccessException: You are not authorized to 'View a page' ('Pages').]
DynamicModule.ns.Wrapped_OpenAccessPageProvider_c32f5ec7166d478584c55fc8dac03caf.GetPageNode(Guid id) +300
Telerik.Sitefinity.Web.SiteMapBase.GetRootNodeCore(Boolean ifAccessible) +357
Telerik.Sitefinity.Web.SiteMapBase.GetRootNodeCore() +38
Telerik.Sitefinity.Web.SiteMapBase.FindSiteMapNode(String rawUrl, Boolean ifAccessible) +677
Telerik.Sitefinity.Web.SiteMapBase.FindSiteMapNode(String rawUrl) +41
Telerik.Sitefinity.Web.SitefinityRoute.GetRouteData(HttpContextBase httpContext) +164
System.Web.Routing.RouteCollection.GetRouteData(HttpContextBase httpContext) +194
System.Web.Routing.UrlRoutingModule.PostResolveRequestCache(HttpContextBase context) +26
Telerik.Sitefinity.Web.SitefinityHttpModuleIIS6.PostResolveRequestCache(HttpContextBase context) +590
System.Web.Routing.UrlRoutingModule.OnApplicationPostResolveRequestCache(Object sender, EventArgs e) +80
System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +68
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +75
--------------------------------------------------------------------------------
Version Information: Microsoft .NET Framework Version:2.0.50727.4952; ASP.NET Version:2.0.50727.4927
Well, the answer to #4 seems to be:
update sf_permissions set [deny] = 0
rows returned = 1 in my case
Now I have access to the website again.
Hello John,
There is a missing implementation for Membership, Role and Profile providers that wraps the standard ASP.NET Providers in the BETA. We managed to make just a skeleton of these providers and we will complete them for the release candidate. Currently we do not support custom providers - there are issues with them. We are working on a articles about custom membership and role providers.
In the BETA it is not possible to handle 403 status code of the error. By default the ASP.NET SiteMapProvider also does not return information whether the page is not accessible or it is not presented in the current sitemap. Since we follow the default implementation of ASP.NET SiteMapProvider we are also affected from this issue and we are working on a solution about it.The fix is very easy and we will have this functionality in the release candidate.
Some changes to the application quire restart, because they depends on initialization of some providers. For instance if you have a custom module - first, you have to build the class library/project each time you make any change in the code. Second the module will be added after application restart, because after application restart the backend main menu is initialized and populated and all modules are created.
Let me know if there are any further questions.
Kind regards,
Ivan Dimitrov
the Telerik team