401 error on authenticating pages
Usually, when a permission applied page is requested, but the user has not logged on yet, the user gets a login page and a redirect url. But for some reason, my pages I'm applying permissions to, are showing a 401 not authorized now instead of the login. Any ideas why?
Ok, so the page can be accessed properly by the user whom is assigned the role. The only problem is I can't use the login page and redirect to the page. When I attempt to provide a url
demo.com/sitefinity/login?returnUrl=/demo/example/pages , user logs in but page does not display (error , you do not have permission to access url).
BUT
demo.com/sitefinity/demo/example/pages , works .... :/
I have had a similar problem before. Does the returnUrl appear to be not working? Like it will stay in the url but the page will not redirect?
If so try turning of caching for that page and see if it works. That is what solved it for me.
Hello,
What is the actual Sitefinity version you are using? For frontend login, please, check if you have a login status widget on the same page with the login widget or from the page you want to redirect from. It may interfere the return Url parameter. Please, try also using the login widget on a separate blank page and test the return Url. If you are logging through the backend widget, check the requests made, you can also try disabling the cache for that page as suggested, however, the cache should be invalidated automatically when you login.
Regards,
Nikola Zagorchev
Telerik
Does not appear to be the caching. I set the page property to not cache, then tried 3 browsers and still getting 401 error :/
Hello Kola,
I'm using SF version 6.3.5000.
I have a page that requires authentication /test/user-pages
If you are already logged in, then it shows. But if you are not logged in/authenticated, it shows a 401 error and not the /sitefinity with redirect.
I've updated some code in global.asax. Could this affect it?
Hello Richard,
It could affect the redirecting on unauthorized. Please, check also your web.config for any rewrite rules that might break the redirect to /sitefinity. Have you tried configuring a public login, as well? You can also try catching the unauthorized event - IUnauthorizedPageAccessEvent, as shown here:
http://docs.sitefinity.com/for-developers-pages-events#iunauthorizedpageaccessevent
Regards,
Nikola Zagorchev
Telerik
No login status widget anywhere.
What I notice, when i put in a url to a page requiring authentication, the url in the browser stats the same. It does not redirect to the login page, nor does any url param get included/passed (for return or anything). It just simply shows a 401.
Hi
Would it be possible to test this using the default web.config and removing all rewrites or httpmodules, custom redirects server side etc. ? Could you please also check whether you have configured the login page for the site - you can do this in Advanced settings -> Project -> Site or in the multisite settings if using multisite? Please, also let me know whether you are using STS or OAuth.
Regards,
Nikola Zagorchev
Telerik
Hello, been a long time since this. Found in a response on another thread the perfect solution. Not sure if I'm just patching something wrong, or if this is by design, but nevertheless, works well. The added benefit I believe is i can also create my own custom login page. Here are the steps
Administration -> Settings -> Advanced -> Project -> DefaultSite
There you have the properties FrontEndLoginPageUrl / FrontEndLoginPageId.
www.sitefinity.com/.../redirect-unauthorized-users-to-a-custom-page