+1-888-365-2779
Try Now
More in this section

Forums / Bugs & Issues / Login page ReturnUrl changes to cmsentrypoint.aspx

Login page ReturnUrl changes to cmsentrypoint.aspx

4 posts, 0 answered
  1. Vidya E
    Vidya E avatar
    5 posts
    Registered:
    15 Apr 2010
    16 Jun 2010
    Link to this post

    We have custom login page for our site and we are using form authentication.

    If users try to access a webpage, they’d be prompted with a login screen first. However, once they log in, they should then be directed to the page they originally entered.

    Problem here is, when the user is redirected to the login page the returnUrl of the page changes to ../login.aspx?ReturnUrl=%2fsitefinity%2fcmsentrypoint.aspx instead of having the user entered page as returnUrl so that we can redirect to that page after their login.

    How can we get the entered page in the returnUrl when redirecting to the login page?

  2. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    25 Nov 2016
    16 Jun 2010
    Link to this post
    Hello Vidya E,

    It seems that you have some code or  configuration that  force calling an internal handler before page internal check and you are redirected to our cmsentrypoint.aspx.

    All page requests pass through cmsentrypoint.aspx. The file inherits InternalPage.cs which implements methods for page management- getting  the mode of the page, name of the ICms Page, instance of CmsManager, optional page settings like EnableViewState, returns the name of the Theme to be set for the current page . Our CmsHttpModule rewrites the URL to cmsentrypoint.aspx, which is the page handler for each CMS page in the Sitefinity.



    1. Open your site web.config file and check whether you have set publicEntryPoint  in your web.config. If so remove it.

    2. Make sure that you do not have two Sitefinity project connected to the same database.

    3. <deny users "?"/ > setting in the web.config could cause this issue

    4. Please make sure that you do not have any custom code that runs on each request and causes calling cmsentrypoint.aspx.

    5. Send the error and the full stack of it, so we could try to figure out what causes the issue

    Best wishes,
    Ivan Dimitrov
    the Telerik team

    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items.
  3. Vidya E
    Vidya E avatar
    5 posts
    Registered:
    15 Apr 2010
    17 Jun 2010
    Link to this post

    Hi Ivan,

    As you mentioned we are using <deny users="?" /> in authorization tag, web.config.

     

    If I remove <deny users=”?”/> from web.config, users are directed to the corresponding page directly without going to the login page i.e users are able to view the webpages without any authetication.

     

    But we need to prompt the login screen first when the users try to access a webpage for the authentication.

    Is there any other way to redirect the user to the login screen without using <deny users=”?”/> in web.config ?

  4. Vidya E
    Vidya E avatar
    5 posts
    Registered:
    15 Apr 2010
    18 Jun 2010
    Link to this post
    Hi Ivan,

    I have found a solution for this ReturnUrl problem while using <deny users="?" /> in web.config instead of providing deny in page properties for each and every page.

    I have override the method GetEntryPoint() in Telerik.Cms.Web.CmsHttpModule.
    Created the following class:
     
    using System;
    using System.Collections.Generic;
    using System.Text;
    using Telerik.Cms.Web;
    using System.Configuration;
    using System.Web;
    using System.Web.Security;
    using System.Data;
    using System.Web.UI;
      
    namespace RedirectLogin
    {
        public class CustomCmsHttpModule : CmsHttpModule
        {
            //To check whether the user is authenticated or not
            bool check;
             
            protected override string GetEntryPoint(string pageMode)
            {
                if (check)
                    return base.GetEntryPoint(pageMode);
                else
                    return HttpContext.Current.Request.RawUrl;
                    //If not authenticated, will return the user requested url for return url of the login page
            }
      
            protected override bool IsAuthenticated(HttpContext context, bool ensureRoleProvider)
            {
                check = base.IsAuthenticated(context, ensureRoleProvider);
                return base.IsAuthenticated(context, ensureRoleProvider);
            }
              
        }
    }

     

    Copy the RedirectLogin.dll to the bin folder.

    And in web.config :

    <httpModules>
           <!--Use Telerik.Cms.Web.CmsHttpModule if authentication is not required else use RedirectLogin.CustomCmsHttpMoule  -->
          <!--<add name="Cms" type="Telerik.Cms.Web.CmsHttpModule, Telerik.Cms"/>-->
          <!--Use RedirectLogin.CustomCmsHttpMoule when authentication is required  -->
          <add name="Cms" type="RedirectLogin.CustomCmsHttpModule,RedirectLogin"/>
    </httpModules>
      
    <!-- Use Telerik.Cms.Web.CmsHttpModule -->
    <!-- <authentication mode="Forms">
    <forms name=".ASPNET" loginUrl="~/Sitefinity/login.aspx" protection="All" timeout="1440" path="/" enableCrossAppRedirects="true"  />
    </authentication>
    <authorization>
          <allow users="?" />      
    </authorization> -->
      
    <!-- Use RedirectLogin.CustomCmsHttpMoule -->
    <authentication mode="Forms">
          <forms name=".ASPNET" loginUrl="~/CustomLoginPage/login.aspx" cookieless="UseDeviceProfile" protection="All" timeout="1440" path="/" />
    </authentication>
    <authorization>
          <deny users="?" />
    </authorization>

    Use RedirectLogin.CustomCmsHttpModule only if authentication is required else use Telerik.Cms.Web.CmsHttpModule as RedirectLogin.CustomCmsHttpModule won't work if there is no authentication.

Register for webinar
4 posts, 0 answered