More in this section

Forums / General Discussions / Error Deny Anonymous

Error Deny Anonymous

2 posts, 0 answered
  1. Aaron
    Aaron avatar
    24 posts
    Registered:
    15 Feb 2008
    22 Apr 2011
    Link to this post
    Trying to force user to authenticate before viewing page. I have tried two methods and both result in error below.

    1. broke page inherintance, deny anonymous
    2. broke page inherintance, set who can view page to authenticated role.

    Shouldn't it redirect to default login page?


    Using fresh 4.1 installation. I have not modified the web.config to specify login page. Using default providers no customizations.





    Server Error in '/' Application.
    --------------------------------------------------------------------------------
     
    You are not authorized to 'View a page' ('Pages').
    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
     
    Exception Details: System.UnauthorizedAccessException: You are not authorized to 'View a page' ('Pages').
     
    ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6 and IIS 7, and the configured application pool identity on IIS 7.5) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.
     
    To grant ASP.NET access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Highlight the ASP.NET account, and check the boxes for the desired access.
     
    Source Error:
     
    An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below. 
     
    Stack Trace:
     
     
    [UnauthorizedAccessException: You are not authorized to 'View a page' ('Pages').]
       DynamicModule.ns.Wrapped_OpenAccessPageProvider_bd740ea2b19c4493b91ece5ae4b7726e.GetPageNode(Guid id) +298
       Telerik.Sitefinity.Modules.Pages.PageManager.GetPageNode(Guid id) +73
       Telerik.Sitefinity.Web.SiteMapBase.GetFirstPageDataNode(PageSiteNode node) +290
       Telerik.Sitefinity.Web.PageRouteHandler.GetHttpHandler(RequestContext requestContext) +275
       System.Web.Routing.UrlRoutingModule.PostResolveRequestCache(HttpContextBase context) +8890312
       System.Web.Routing.UrlRoutingModule.OnApplicationPostResolveRequestCache(Object sender, EventArgs e) +86
       System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +148
       System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +75
     
      
     
     
    --------------------------------------------------------------------------------
    Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1
  2. Boyan Barnev
    Boyan Barnev avatar
    1429 posts
    Registered:
    28 Aug 2017
    27 Apr 2011
    Link to this post
    Hi Aaron,

    I have replied to the support thread you have opened, you can check my response there. For your convenience I'm pasting my reply below:
    "Please accept my apology for the inconvenience caused by this issue. Currently when trying to access a page that has its view permissions set  to Deny Anonymous, the server returns an http status code of 500 instead of 403. This is a known bug that we have logged for fixing. We have raised its priority so that we can ship the fix with the next release. Unfortunately, there is no 100% working workaround that you can apply for now. One option is to include a script in your template that's checking if the page URL matches a certain string, which denotes the page is in a protected area, and if so, redirect the user to a login page. There is a rather long discussion related to this problem, which you can track on this forum thread.
    I hope this information helps. If you need any further assistance, please do not hesitate to write back."


    Best wishes,
    Boyan Barnev
    the Telerik team

2 posts, 0 answered