Sitefinity redirects front-end users to backend login screen - Bugs & Issues - Bugs & Issues - Progress Community

Sitefinity redirects front-end users to backend login screen

 Bugs & Issues

Sitefinity redirects front-end users to backend login screen

  • Sitefinity redirects front-end users to backend login screen
  • I was able to reproduce the issue only a few times, but for sure there is some issue.

    Our web application allows users to create an account on the front-end without permissions to access site backend.

    We have some areas on the front-end where we require users to be authenticated (account management area).

    To do this we use EventHub and IUnathorizedPageAccessEvent, if event of this type is fired we check if user is trying to access backend or frontend page. If it's a front-end page we redirect to the front-end login screen.

    However, sometimes this event is fired at all and users are taken to Sitefinity backend login:

    http://<our.domain>/Sitefinity/Authenticate/SWT?realm=<referer.url>&redirect_uri=%2fSitefinity&deflate=true

    I guess this happens for accounts that have permission to access backend (maybe there is still some information in session or cookies).

    To authenticate users on the front-end we use SecurityManager.AuthenticateUser.

    Do you have any suggestions how can we solve this issue?

     

  • Good timing, I have a feedback portal item in discussion for this exact thing

    www.sitefinity.com/.../sitefinity-redirects-front-end-users-to-backend-login-screen

    Support suggests a javascript redirect widget (dont run the script in page edit mode!).  So when any user hits it, it should send them to the frontend login.

    I however have lots of experience with SF and custom redirects from the backend login page, and I'll guarantee you there will be issues, so I'm not even doing this.  Even worse is when you put in a ticket you'll get blamed with a "Custom Login".

     

    feedback.telerik.com/.../118951-refreshing-a-secured-page-after-the-session-is-expired-redirects-backend-users-to

  • Thank you. I think it may be related to session and its expiration (from what I found it happens often when you leave your browser opened for a long time and then try to access secured page).

    Any help is appreciated.

  • Hi,

    This information is helpful, I will test the scenario by authenticating via the api and verify if I can get the same behavior on my end.

    Regards,
    Atanas Valchev
    Telerik
     
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items
     
  • Hello,

    We Introduced a setting for this behavior in the latest internal build:
    http://www.sitefinity.com/developer-network/forums/internal-builds/sitefinity-8-1-internal-builds#HlH4yME3622pWP8AAERlJg

    Please, try it and verify if the issue persists when the setting is enabled.

    Regards,
    Atanas Valchev
    Telerik
     
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items