More in this section

Forums / Developing with Sitefinity / Security issue with Login out of box

Security issue with Login out of box

6 posts, 0 answered
  1. Pierre
    Pierre avatar
    433 posts
    Registered:
    16 Feb 2006
    13 Mar 2009
    Link to this post
    Hi,

    I have some troubles with my Login out of box. Could you confirm this old issue and found one UC Login that fixe this old issue please!

    http://www.sitefinity.com/support/forums/support-forum-thread/b1043S-bdtgth.aspx

    Regards
  2. Nikolai
    Nikolai avatar
    216 posts
    Registered:
    01 Jun 2017
    16 Mar 2009
    Link to this post
    Hi Pierre,

    This is actually not a bug. If a user is not part of any Role and the page has Permission View set to Deny for the role Everyone , the IIS will throw the exception - "This page is not served error!".

    Hope this helps.

    Best wishes,
    Nikolai
    the Telerik team


    Instantly find answers to your questions on the new Telerik Support Portal.
    Check out the tips for optimizing your support resource searches.
  3. Pierre
    Pierre avatar
    433 posts
    Registered:
    16 Feb 2006
    16 Mar 2009
    Link to this post
    Hi,
    I have some problems like:
    Using UC Login found as Login in Toolbox
    Using Login of Sitefinity admin side

    Sample1
    1/ if i connect one user, User1, and go to admin side
    2/ logout adminside and comeback to client side
    i'm logged always !.

    Sample2
    1/ If I login as user1, go backside in dashboard
    2/ logout adminside.
    3/ login in Sitefinity using Sitefinity as user2 in admin
    4/ come to initial page default i'm not more user2 but user1 !.

    The cookie is not shared between admin side (Sitefinity admin Login) and client side (Usercontrol out of box added to my page).
    The UserControl out of box not implement the same cookie ?

    regards
  4. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    18 Mar 2009
    Link to this post
    Hello Pierre,

    We cannot reproduce this behavior with default settings of Sitefinity. Can you send us the code you use to test it locally?

    Best wishes,
    Ivan Dimitrov
    the Telerik team


    Instantly find answers to your questions on the new Telerik Support Portal.
    Check out the tips for optimizing your support resource searches.
  5. Pierre
    Pierre avatar
    433 posts
    Registered:
    16 Feb 2006
    24 Mar 2009
    Link to this post
    Hi,
    After some test is not security issue but Cache issue.
    The Login Usercontrol and Loginstatus usercontrol is not refreshed after the post back. Cache substitution methods using new classes ( Partial, Full, None) not fix this issue. Only one refresh made with F5 refreshing the complete page and login status. work around : ajaxify login?.

  6. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    12 Sep 2017
    25 Mar 2009
    Link to this post
    Hi Pierre,

    As I remember I sent you a video at the ticket with the same topic. Caching pages and controls has different meaning which my colleague Bob has described at his blog. When you cache a page - the controls are not refreshed on post back - only when you use substitution controls.

    All the best,
    Ivan Dimitrov
    the Telerik team

    Check out Telerik Trainer , the state of the art learning tool for Telerik products.
Register for webinar
6 posts, 0 answered