I was able to reproduce the issue only a few times, but for sure there is some issue.
Our web application allows users to create an account on the front-end without permissions to access site backend.
We have some areas on the front-end where we require users to be authenticated (account management area).
To do this we use EventHub and IUnathorizedPageAccessEvent, if event of this type is fired we check if user is trying to access backend or frontend page. If it's a front-end page we redirect to the front-end login screen.
However, sometimes this event is fired at all and users are taken to Sitefinity backend login:
I guess this happens for accounts that have permission to access backend (maybe there is still some information in session or cookies).
To authenticate users on the front-end we use SecurityManager.AuthenticateUser.
Do you have any suggestions how can we solve this issue?