More in this section

Forums / General Discussions / Accessing restricted pages not sending to login page

Accessing restricted pages not sending to login page

6 posts, 0 answered
  1. Chris
    Chris avatar
    11 posts
    Registered:
    07 Mar 2011
    22 Mar 2011
    Link to this post
    I  need to have the ability to only allow "Authenticated" user roles to access the members folder and below of my website.

    My site is setup as follows:

    \root
    \root\Members\
    \root\Members\Index
    \root\Members\Module1\Index
    \root\Members\Module2\Index

    If a user clicks on \root\Members or any other link below \root\Member, I would like to have them redirected to the login page.

    Inside of SiteFinity (4.0), I have the "Members" page setup as a group page and the role permissions allow for "Authenticated" users to allowed and "Anonymous" users to deny.

    Inside of my web.config, I have my forms and custom errors sections setup as follows:

    <authentication mode="Forms">
    <forms loginUrl="~/login" defaultUrl="~/Members/" timeout="60" />
    </authentication>
        
    <customErrors mode="On" defaultRedirect="~/login">
          <error statusCode="403" redirect="~/login" />
    </customErrors>


    When a user who is not yet "Authenticated" visits \root\Members, there appears to be a 403 error sending the user to the login page. 

    The url that gets returned is as follows:

    http://localhost:82/login?aspxerrorpath=/members

    On my login page, I have a login control that allows the user to enter their username and password.  If the credentials are valid, I am able to login, however, I am not redirected to the original destination page that the user originally clicked on (for the example above /members).

    How do I setup the sitefinity Login control to redirect the user to their original page, especially since the query string is showing "?aspxerrorpath" when I think it should be showing "?ReturnUrl/members"

  2. Alon Rotem
    Alon Rotem avatar
    26 posts
    Registered:
    29 Feb 2016
    24 Mar 2011
    Link to this post
    Hi Chris,

    This feature (of handling the aspxerrorpath in the error pages) is not implemented at this time.
    I have logged a task (#39265) pending to be implemented on Q2.

    All the best,
    Alon Rotem
    the Telerik team
  3. George
    George  avatar
    204 posts
    Registered:
    05 Sep 2006
    01 Apr 2011
    Link to this post
    Hi Chris,

    You can use this workaround on the page load event of the login page

    if (Request.QueryString["aspxerrorpath"] != null)
    {
        Response.Redirect(Request.RawUrl.Replace("aspxerrorpath", "ReturnUrl"));
    }
  4. Chris
    Chris avatar
    11 posts
    Registered:
    07 Mar 2011
    14 Apr 2011
    Link to this post
    Hi George

    Thanks for this reply.  However, I'm unclear on how I do this in a page built inside of SiteFinity and not a true "Login.aspx" page.  I need to have the ability to allow my client to adjust the Login page as necessary without touching the .aspx pages, that's why I'm using the login page created inside of SiteFinitity.

    Do I need to create a Custom control put on the page?

    I also noticed you answered a similar question in the following post.

    http://www.sitefinity.com/devnet/forums/sitefinity-4-x/general-discussions/sitefinity-4-0-forms-authentication.aspx

    In that article you mention that we need to create a Custom Login control.  For this custom login control, can I inherit the base functionality of the SiteFinity login control and extend it or do I have to implement all the details that this control already contains today?

    I should add, if I can Inherit and re-use the SiteFinity Login control, how would I go about being able to do that?

    Thanks,

    Chris
  5. Thomas Weidman
    Thomas Weidman avatar
    5 posts
    Registered:
    16 Apr 2004
    19 May 2011
    Link to this post
    Another quick alternative is to create your own class library and extend Telerik.Sitefinity.Web.UI.PublicControls.LoginControl and override the OnLoad method like this:

    public class Login : Telerik.Sitefinity.Web.UI.PublicControls.LoginControl
    {
        protected override void OnLoad(EventArgs e)
        {
            if (Page.Request.QueryString["aspxerrorpath"] != null)
            {
                Page.Response.Redirect(Page.Request.RawUrl.Replace("aspxerrorpath", "ReturnUrl"));
            }
     
            base.OnLoad(e);
        }
    }


    Then just change your toolbox to use this new control.
  6. Andrei
    Andrei avatar
    553 posts
    Registered:
    27 Nov 2008
    29 Jul 2011
    Link to this post
    Hi,

    How about this one (see attached images). When I log off through another browser on the same
    machine and return to teh previous browser and try to invoke a property editor, I get the 'loginscreeninprpertyeditor.jpg' and when I enter the credentials i then get the error shown on 'afterloginerror.jpg'. I know that logging off from another browser is not normal use, but the redirection to the login page seems to have failed here.

    Many thanks,
    Andrei
6 posts, 0 answered