SaaS CMS has officially launched! Learn more now.

Login box not working when editor session times out

Vote:
 

Hi,

We have an EPiServer 7.5 site set up using the multiplexing provider. The first provider is a custom one, the second is the WindowsMembershipProvider.

We also have a custom login page specified in the forms authentication config:





The issue we have is: when an editor is editing a page and their session expires (can be set by altering the timeout in the forms authentication snippet above), the user is not redirected to our custom login page. They instead get a dialog box appear prompting them to log in again. This login box does not seem to work with our custom MemberhsipProvider. It will not log our editors back in.

Login box

When I try to log in with the box, our custom membership provider code does not get called. There is an IIS access forbidden error being logged to the JavaScript console.

Is there a way we can get the login dialog box to work with our multiplexing provider, or disable the dialog box and redirect the user to the login page?

Is this a bug with EPiServer 7.5?

Any help appreciated.

Paul

#113745
Nov 27, 2014 10:57
Vote:
 

Hi Paul! Do you have any non standard ASP.NET authentication logic in your custom login page (other than Membership.ValidateUser and FormsAuthentication.SetAuthCookie calls)?

#113800
Nov 28, 2014 9:41
Vote:
 

Hi Mattias,

I can't really see anything that would affect ASP.NET Authentication. We are essentially calling Membership.ValidateUser and FormsAuthentication.SetAuthCookie on our custom login page, along with some validation logic and logging.

What confuses me is the fact that our Custom Membership Provider code doesn't get called from EPiServer's login dialog box.

Interestingly, I can log in fine using /Util/Login.aspx, so that is using our Custom Membership Provider ok.

Thanks,

Paul

#113804
Nov 28, 2014 10:29
Vote:
 

Ok, not sure but that sounds like a bug to me.

#113850
Nov 28, 2014 12:54
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.