+1-888-365-2779
Try Now
More in this section

Forums / Bugs & Issues / Sitefinity redirects front-end users to backend login screen

Sitefinity redirects front-end users to backend login screen

5 posts, 0 answered
  1. Albert
    Albert avatar
    8 posts
    Registered:
    19 Dec 2014
    18 Sep 2015
    Link to this post

    I was able to reproduce the issue only a few times, but for sure there is some issue.

    Our web application allows users to create an account on the front-end without permissions to access site backend.

    We have some areas on the front-end where we require users to be authenticated (account management area).

    To do this we use EventHub and IUnathorizedPageAccessEvent, if event of this type is fired we check if user is trying to access backend or frontend page. If it's a front-end page we redirect to the front-end login screen.

    However, sometimes this event is fired at all and users are taken to Sitefinity backend login:

    http://<our.domain>/Sitefinity/Authenticate/SWT?realm=<referer.url>&redirect_uri=%2fSitefinity&deflate=true

    I guess this happens for accounts that have permission to access backend (maybe there is still some information in session or cookies).

    To authenticate users on the front-end we use SecurityManager.AuthenticateUser.

    Do you have any suggestions how can we solve this issue?

     

  2. Steve
    Steve avatar
    3037 posts
    Registered:
    03 Dec 2008
    18 Sep 2015 in reply to Albert
    Link to this post

    Good timing, I have a feedback portal item in discussion for this exact thing

    http://www.sitefinity.com/developer-network/forums/bugs-issues-/sitefinity-redirects-front-end-users-to-backend-login-screen

    Support suggests a javascript redirect widget (dont run the script in page edit mode!).  So when any user hits it, it should send them to the frontend login.

    I however have lots of experience with SF and custom redirects from the backend login page, and I'll guarantee you there will be issues, so I'm not even doing this.  Even worse is when you put in a ticket you'll get blamed with a "Custom Login".

     

    http://feedback.telerik.com/Project/153/Feedback/Details/118951-refreshing-a-secured-page-after-the-session-is-expired-redirects-backend-users-to

  3. Atanas Valchev
    Atanas Valchev avatar
    414 posts
    Registered:
    04 Jan 2016
    23 Sep 2015
    Link to this post
    Hi,

    This information is helpful, I will test the scenario by authenticating via the api and verify if I can get the same behavior on my end.

    Regards,
    Atanas Valchev
    Telerik
     
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items
     
  4. Albert
    Albert avatar
    8 posts
    Registered:
    19 Dec 2014
    23 Sep 2015 in reply to Atanas Valchev
    Link to this post

    Thank you. I think it may be related to session and its expiration (from what I found it happens often when you leave your browser opened for a long time and then try to access secured page).

    Any help is appreciated.

  5. Atanas Valchev
    Atanas Valchev avatar
    414 posts
    Registered:
    04 Jan 2016
    28 Sep 2015
    Link to this post
    Hello,

    We Introduced a setting for this behavior in the latest internal build:
    http://www.sitefinity.com/developer-network/forums/internal-builds/sitefinity-8-1-internal-builds#HlH4yME3622pWP8AAERlJg

    Please, try it and verify if the issue persists when the setting is enabled.

    Regards,
    Atanas Valchev
    Telerik
     
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items
     
5 posts, 0 answered