Forums (Obsolete)

Member

lukek - 11/20/2012 9:56:07 PM

Security Url Redirect error

Hi,

I am working on a site at the moment which has a bunch of documents that are not available to public users. These documents can either be content or a file of some sort such as a pdf. If it is a file I am directing users to the attachment

I have my permissions set up correctly so only logged in users can see the file or the content however my issue is that I want if the user isn't logged in to redirect to the log in page(currently working) and store the return url for the login webpart to redirect the user back to the previous page once logged on.

This is currently working for everywhere on the site such as if they are viewing the actual document, or trying to post on the forum however in the case of a document attachment it isn't storing the return url in the querystring. Is there anything i'm missing or anyway to get this fixed?

Hope that was clear, if not I can provide more information.


Member	lukek - 11/22/2012 5:54:31 PM RE:Security Url Redirect error Is it possible if I can get a reply to this? I feel like this might potentially be a bug.


Member	lukek - 11/22/2012 5:56:19 PM RE:Security Url Redirect error lukek wrote: Is it possible if I can get a reply to this? I feel like this might potentially be a bug. Also I tried restructuring my content and using the standard kentico CMS.File document type and this had the same problem.

Member

davids-kentico - 11/23/2012 10:11:38 AM

RE:Security Url Redirect error

Hi,

I'm afraid I cannot reproduce your problem. I set up a repeater that displays CMS.Files. The files require users to sign in to view them (Properties -> Security -> Requires authentication to Yes).

When I request one of the files, I get redirected to the logon page with the correct return URL.

Couple of questions:

Could you post an example of a return URL that does not append to the logon page URL?

Do the files appear all right when you're logged in?

And just to be sure, please check your Event log for any related errors.

Member

lukek - 11/25/2012 5:12:48 PM

RE:Security Url Redirect error

Hi David,

Thank you for the reply. I feel rather silly, my access was set to inherits. I had my users and roles set up with authenticated users.

Is this normal that it still kept the permissions on the page on both file and normal content types and also redirected to the login page but only kept the url if it was a normal document type?

It seems a little inconsistent to me. None the less thank you for the help and it is now solved :)

Kentico Support

kentico_zdenekc - 12/4/2012 7:10:06 PM

RE:Security Url Redirect error

Hi,

Just to add a little bit to the inconsistency - I'm not sure I'm getting your description of the behavior correctly, maybe it would be clearer in other words..

As for the security, when dealing with files, you should be also aware of the Check files permissions setting described at DevGuide - Files related settings

Check files permissions - If checked, document permissions are applied to the files.

Should you need any additional details, please feel free to ask.

Regards,
Zdenek