+1-888-365-2779
Try Now
More in this section

Forums / Bugs & Issues / Sitefinity OAuthLogin sometimes only redirects for Administrator role

Sitefinity OAuthLogin sometimes only redirects for Administrator role

6 posts, 1 answered
  1. Terence
    Terence avatar
    4 posts
    Registered:
    09 Feb 2015
    10 Apr
    Link to this post

    I have a widget on a Sitefinity 8.0 page that redirects to a login protected page when a child button is clicked.
    Most of the time after authenticating, the OAuthLogin widget redirects to whatever is specified in the RedirectUrl URL parameter. However, once in a while, the OAuthLogin widget does not redirect and instead does a postback (looks like a refresh).
    What I discovered is that this redirect error never happens for Sitefinity users in the Administrator role. My co-worker would have this error happen for him on multiple machines including mine, but my admin account would never experience this.
    I'd like to add that the login functionality works because the Sitefinity user is successfully logged in. In fact, after the postback/failed redirect, when the authenticated user clicks logout, the browser then redirects to the specified RedirectUrl that it was supposed to go to.
    The OAuthLogin widget is not a custom widget so I do not have code for that, but maybe someone with more Sitefinity experience can explain what is happening. I have looked at the console for any errors but cannot find any because of the postback that occurs upon clicking the login button. Has anybody experienced this with Sitefinity and is there something I am not understanding about the OAuthLogin widget or how Roles are applied to page permissions in Sitefinity?

  2. Dimitri Cools
    Dimitri Cools avatar
    80 posts
    Registered:
    08 Dec 2016
    12 Apr
    Link to this post
    Hello,

    Are you referring and using the OauthExternalAuthentication project from the GitHub repository ? (https://github.com/Sitefinity/Sitefinity-External-STS-Integration) . Since this is custom widget created in an external assembly you should be able to edit it with Visual Studio.
    Which service are you using for the authentication ? 

    For reference I also provide the documentation link to
    Set up external STS login

    As a sidenote, please note, that in the browser (Advanced settings -> Security) the external Auth domain needs to be entered in the the trusted domains. For instance, for Facebook, you should add "www.facebook.com" in the trusted domains. 

    Regards,
    Dimitri Cools
    Telerik
     
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items
     
  3. Terence
    Terence avatar
    4 posts
    Registered:
    09 Feb 2015
    12 Apr
    Link to this post

    We have not had any issues setting up the STS login or installing the OauthExternalAuthentication module. The authentication works just fine. Also, we are not using an external provider yet; just logging in using Sitefinity credentials.

    Like I stated, occasionally.. a non-Admin/non-Backend user tries to access a login-protected page. After logging in successfully, the page simply refreshes instead of redirecting to the RedirectURL in the URL parameters.

    The RedirectURL is correct and like I have already stated, the User is authenticated. Again, this only happens when a non-Admin account is trying to do this. Also, I have made sure that my page permissions are correct and that the Role that this non-Admin account is under is permitted to access this page. I even set newly registered users under that custom Role upon registration, but nothing has changed.

  4. Dimitri Cools
    Dimitri Cools avatar
    80 posts
    Registered:
    08 Dec 2016
    14 Apr
    Link to this post
    Hello,
     
    Based on your explanation you could be encountering the following bug:
    http://feedback.telerik.com/Project/153/Feedback/Details/146549-login-frontend-users-are-not-redirected-to-the-url-specified-in-the-returnurl-qu

    Please consider upgrading to the latest internal build of 8.0 or a higher version to overcome this.

    For your information: Use the following procedure to upgrade your current version of Sitefinity to any other higher version.

     
    Regards,
    Dimitri Cools
    Telerik
     
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items
     
    Answered
  5. Eric
    Eric avatar
    1 posts
    Registered:
    19 Oct 2012
    18 Apr
    Link to this post

    We no longer have access to updates. Could you please provide more information on the issue so we can build our own control to fix the issue.

    Thank you.

  6. Dimitri Cools
    Dimitri Cools avatar
    80 posts
    Registered:
    08 Dec 2016
    20 Apr
    Link to this post
    Hello,

    Unfortunately there is no direct workaround for this issue. 
    To circumvent the problem it is advised to upgrade to Sitefinity's Internal Build 8.0.5715.0 or higher.
     
    Regards,
    Dimitri Cools
    Telerik
     
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items
     
6 posts, 1 answered