Setting FrontEndLoginPageUrl does not work - Bugs & Issues - Bugs & Issues - Progress Community
 Bugs & Issues

Setting FrontEndLoginPageUrl does not work

  • Setting FrontEndLoginPageUrl does not work
  • I am attempting to create a custom login page for a site I am working on.  I do not want to display the Sitefinity login to end users as they will mostly be front end users and the sitefinity login does not match our styles and also lets people know what CMS I am using.

    I have created a page in sitefinity called Login, and added a claims based login widget to the page.  Now I would like to redirect unauthenticated requests to this page.
    I am using MVC controls on my pages that contain the [Authorize] attribute in the controller.

    I then set the FrontEndLoginPageUrl setting under Advanced -> Project -> Default Site to "~/Login", but no matter what unauthenticated page requests are still redirected to the backend login page.  Is there some other dependency for this setting to work?  I would also like them to be taken back to the login page if they click the logout link anywhere in a page...

    Are there any recommendations on handling this situation?  I would use the default page if I could customize it, but cannot find any related information on how to do this...

    Thanks
    Bobby
  • Hello,

    Would it be possible for you to review the following blog post where you will find further information about redirecting unauthorized users to a custom page:

    www.sitefinity.com/.../redirect-unauthorized-users-to-a-custom-page

    Kind regards,
    Stefani Tacheva
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  • I have reviewed and tested the code based solution but I am still redirected to the standard sitefinity login page after rebuild.  I am using MVC and have customer routes, and am using the [Authorize] attribute though other methods do not seem to have an affect.

    I placed the Initialized event before any other statements to make sure that nothing conflicts with the event, but still no luck.  In fact I do not see that the IUnauthorizedPageAccessEvent even fires.

    01.protected void Application_Start(object sender, EventArgs e)
    02.       
    03.           Bootstrapper.Initialized += new EventHandler<Telerik.Sitefinity.Data.ExecutedEventArgs>(Bootstrapper_Initialized);
    04. 
    05.           Globals.AppGlobals.RegisterAdvancedSearch();
    06.           Globals.AppGlobals.RegisterConfigDefaults();
    07. 
    08.            
    09.           Bootstrapper.MVC.MapRoute(
    10.               "Classic",
    11.               "JSON/controller/action",
    12.               new action = "Index" );
    13.           Bootstrapper.MVC.MapRoute(
    14.              "ClassicWithLanguage",
    15.              "Language/JSON/controller/action",
    16.              new action = "Index" );
    17.           Bootstrapper.MVC.MapRoute(
    18.              "JSViewRenderer",
    19.              "Language/JVIEW/*id",
    20.              new controller = "JSView", action = "GetView" );
    21. 
    22.       
    23.       void Bootstrapper_Initialized(object sender, Telerik.Sitefinity.Data.ExecutedEventArgs e)
    24.       
    25.           
    26.           if (e.CommandName == "Bootstrapped")
    27.           
    28.               //use UnauthorizedPageAccessEvent
    29.               EventHub.Subscribe<IUnauthorizedPageAccessEvent>(new Telerik.Sitefinity.Services.Events.SitefinityEventHandler<IUnauthorizedPageAccessEvent>(OnUnauthorizedAccess));
    30.           
    31.       
    32. 
    33.       void OnUnauthorizedAccess(IUnauthorizedPageAccessEvent unauthorizedEvent)
    34.       
    35.           var url = unauthorizedEvent.Page.Url.TrimStart('~');
    36.           //for this specific page redirect to CustomerLoginPage
    37.           if (unauthorizedEvent.Page.Title.Contains("Home"))
    38.               unauthorizedEvent.HttpContext.Response.Redirect("~/login");
    39.           //for all other pages redirect to the Sitefinity login page
    40.           //if you do not use the else clause you will be redirected to the Sitefinity login page in all other cases different that the above one
    41.           else
    42.               unauthorizedEvent.HttpContext.Response.Redirect("~/Sitefinity");
    43.       
       
    I also am confused as to why the FontEndLoginPageUrl does not work, this would be a much more elagant solution.  Basically if a user is not attempting to directly access a backend page we should be able to modify what login screen they are presented with.  The global.asax options seems more like a hack than a built in solution.
  • We are currently using 5.4 with this application and do not have the Multisite module installed. 
    From what I can tell the Bootstrapper_Initialized event is firing, but when redirected to the default login page I do not see that the OnUnauthorizedAccess event fire, which would explain why we are not being redirected to the page I would like.
    Is there a possibility that this event is not fired when redirected via MVC controller [Authorize]?
  • Hello Bobby,

    Can you tell us which Sitefinity version are you using? Please try deactivating the Multisite module if applicable (version 5.4+), then specifying the FrontEndLoginPageUrl property's value should work.

    Kind regards,
    Pavel Benov
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  • Hi Bobby,

    Can you try stripping off the MVC controllers from the page/pages, so we can be certain that this is not the problem? Also try with either the FrontEndLoginPageUrl field, or the OnUnauthorizedAccess event, but not the 2 at same time and let us know of the outcome.

    Greetings,
    Pavel Benov
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  • I created a Sitefinity project from scratch, attempted both methods and still get the same results.  I did not have them enabled at the same time.

    I created a new project, a new bare MVC controller that requires authentication and an Index action result with corresponding Index.cshtml in the views folder.  Very simple...

    [Authorize]
        [ControllerToolboxItem(Name = "AuthTestView", Title = "Auth View", SectionName = "MVC Test")]
        public class AuthenticationController : Controller
        
            public ViewResult Index(Nullable<int> id)
            
                return View();
     
            
        

    Created two pages in administration with built-in templates (Hybrid - no custom master page).
    • Home - I added the MVC control to this page as well as a login/logout button for testing.
    • Login - The only thing on this page is the newer Login control.
    I then attempted setting the FrontEndLoginPageUrl to ~/Login.  After setting this I am still directed to the default back-end login page when going to Home which has the MVC widget added.  Attempted resetting IIS just in case, etc but no go...

    I then removed the setting from administration, added a Globals.asax and put the code in to handle the UnauthorizedAccess event.  This was also a no go.

    I do know that the UnauthorizedPageAccessEvent is never firing in this situation.

    At this point I am at a loss.

    Thanks,
    Bobby Ross
  • Hello,

    I have tested the provided code in a MVC widget which I have dropped on a page. Then I have requested that page from another browser in which I have not authenticated. I was redirected to the page specified in the FrontEndLoginPageUrl property.

    Please go to Pages->Permissions for all pages and allow the pages to be viewed only by Authenticated users - see image.

    Let me know if the redirect is still not executed afterwards.

    All the best,
    Pavel Benov
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  • Hi ,

    Hi ,I am using sitefinity 7.2 version .How to access Backend Sitefinity page without login prompt. My client requirement he want  that  he should  access backend pages on valid user (Window Authentication)  please reply me as soon as possible

  • Hi,

    just have a look here:

    docs.sitefinity.com/administration-set-up-sso-with-windows-authentication

     

  • Hi,

    I've tested this functionality both with the MVC and Webforms widget. They don't respond to theFrontEndLoginPageUrl value that was entered in the backend.

    I had this issue with Sitefinity 7.3 and also with Sitefinity 8.0

    Best,
    Daniel

  • How do I get a GUID from a login page?

    Regards.