Sitefinity redirects front-end users to backend login screen

Posted by Community Admin on 04-Aug-2018 11:43

Sitefinity redirects front-end users to backend login screen

All Replies

Posted by Community Admin on 18-Sep-2015 00:00

I was able to reproduce the issue only a few times, but for sure there is some issue.

Our web application allows users to create an account on the front-end without permissions to access site backend.

We have some areas on the front-end where we require users to be authenticated (account management area).

To do this we use EventHub and IUnathorizedPageAccessEvent, if event of this type is fired we check if user is trying to access backend or frontend page. If it's a front-end page we redirect to the front-end login screen.

However, sometimes this event is fired at all and users are taken to Sitefinity backend login:

http://<our.domain>/Sitefinity/Authenticate/SWT?realm=<referer.url>&redirect_uri=%2fSitefinity&deflate=true

I guess this happens for accounts that have permission to access backend (maybe there is still some information in session or cookies).

To authenticate users on the front-end we use SecurityManager.AuthenticateUser.

Do you have any suggestions how can we solve this issue?

 

Posted by Community Admin on 18-Sep-2015 00:00

Good timing, I have a feedback portal item in discussion for this exact thing

www.sitefinity.com/.../sitefinity-redirects-front-end-users-to-backend-login-screen

Support suggests a javascript redirect widget (dont run the script in page edit mode!).  So when any user hits it, it should send them to the frontend login.

I however have lots of experience with SF and custom redirects from the backend login page, and I'll guarantee you there will be issues, so I'm not even doing this.  Even worse is when you put in a ticket you'll get blamed with a "Custom Login".

 

feedback.telerik.com/.../118951-refreshing-a-secured-page-after-the-session-is-expired-redirects-backend-users-to

Posted by Community Admin on 23-Sep-2015 00:00

Hi,

This information is helpful, I will test the scenario by authenticating via the api and verify if I can get the same behavior on my end.

Regards,
Atanas Valchev
Telerik

 
Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items
 

Posted by Community Admin on 23-Sep-2015 00:00

Thank you. I think it may be related to session and its expiration (from what I found it happens often when you leave your browser opened for a long time and then try to access secured page).

Any help is appreciated.

Posted by Community Admin on 28-Sep-2015 00:00

Hello,

We Introduced a setting for this behavior in the latest internal build:
http://www.sitefinity.com/developer-network/forums/internal-builds/sitefinity-8-1-internal-builds#HlH4yME3622pWP8AAERlJg

Please, try it and verify if the issue persists when the setting is enabled.

Regards,
Atanas Valchev
Telerik

 
Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items
 

This thread is closed