I have a widget on a Sitefinity 8.0 page that redirects to a login protected page when a child button is clicked.
Most of the time after authenticating, the OAuthLogin widget redirects to whatever is specified in the RedirectUrl URL parameter. However, once in a while, the OAuthLogin widget does not redirect and instead does a postback (looks like a refresh).
What I discovered is that this redirect error never happens for Sitefinity users in the Administrator role. My co-worker would have this error happen for him on multiple
machines including mine, but my admin account would never experience
I'd like to add that the login functionality works because the
Sitefinity user is successfully logged in. In fact, after the
postback/failed redirect, when the authenticated user clicks logout, the
browser then redirects to the specified RedirectUrl that it was supposed to go to.
The OAuthLogin widget is not a custom widget so I do not
have code for that, but maybe someone with more Sitefinity experience
can explain what is happening. I have looked at the console for any
errors but cannot find any because of the postback that occurs upon
clicking the login button. Has anybody experienced this with Sitefinity
and is there something I am not understanding about the OAuthLogin widget or how Roles are applied to page permissions in Sitefinity?
We have not had any issues setting up the STS login or installing the OauthExternalAuthentication module. The authentication works just fine. Also, we are not using an external provider yet; just logging in using Sitefinity credentials.
Like I stated, occasionally.. a non-Admin/non-Backend user tries to access a login-protected page. After logging in successfully, the page simply refreshes instead of redirecting to the RedirectURL in the URL parameters.
The RedirectURL is correct and like I have already stated, the User is authenticated. Again, this only happens when a non-Admin account is trying to do this. Also, I have made sure that my page permissions are correct and that the Role that this non-Admin account is under is permitted to access this page. I even set newly registered users under that custom Role upon registration, but nothing has changed.
We no longer have access to updates. Could you please provide more information on the issue so we can build our own control to fix the issue.