Querying restricted page when not logged in

Posted by Community Admin on 04-Aug-2018 17:25

Querying restricted page when not logged in

Sitefinity - Front- & Back-End Development

All Replies

Posted by Community Admin on 17-Apr-2015 00:00

I need to retrieve the URLs for some pages that are restricted to authorised users. However, I wish to do this in a widget that is displayed on pages that can be accessed by anonymous users, the idea being that the URL redirects to the login page with the correct ReturnUrl parameter in the query string.

When trying to query pages in this way using PageManager.GetManager().GetPageNode I get the following error:

 

You are not authorized to 'View this page and its child pages' ('Pages').
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
 
Exception Details: System.UnauthorizedAccessException: You are not authorized to 'View this page and its child pages' ('Pages').
 
ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically MACHINE\ASPNET on IIS 5 or Network Service on IIS 6 and IIS 7, and the configured application pool identity on IIS 7.5) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.
 
To grant ASP.NET access to a file, right-click the file in File Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.

Is there any other way to query restricted pages when not logged in? I can understand that an anonymous user should not be able to reach a restricted page, but not being able to query it in the controller code seems to be quite limiting.

Posted by Community Admin on 22-Apr-2015 00:00

Hi Haroon,

You can try to suppress the security check before your code and set it back once it is called like:

PageManager manager = PageManager.GetManager();
manager.Provider.SuppressSecurityChecks = true;
 
// your code goes here
 
manager.Provider.SuppressSecurityChecks = false;

I hope this helps.

Regards,
Svetoslav Manchev
Telerik
 
Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items
 

This thread is closed