Virtual Happy Hour this month, Jun 28, we'll be getting a sneak preview at our soon to launch SaaS CMS!

Try our conversational search powered by Generative AI!

Uploaded files requiring auth to access


This seems like a pretty basic piece of functionality, but we're having trouble tracking down what is causing it.  Any insight is appreciated.

Some of our pages allow images to be inserted.  The editor uploads the images to the media folder, then drops them onto the page.

If a user visits the site and is logged in, the page shows up and the images show correctly.  If the user is not logged in, the image shows up as a broken link.  Going to the image URL in that case prompts for a log in.  If the user logs in, the image is displayed correctly.

The image URL is generally /globalassets/some-media-path/filename.jpg.

I checked in the admin area, and the Global Assets folder permissions are set to allow Everyone read access, and it is set to propogate to all child items, so those seem correct.  That is the same as what is set on the pages in general, and the pages all show up without login, it is just the uploaded files that are prompting.

The blob provider is backed by S3, but I've tested using the default (file based) blob store as well, with identical results. 

Any ideas why attempting to open an /globalassets/ url would prompt for a login?

Thanks in advance!


Jun 25, 2014 17:43

We´ve had this issue before and it had to do with editors not having publish rights in a folder. When they uploaded the image it was successfully uploaded, but not published (hence users where prompted to login to access it). Is the image published?


Jun 25, 2014 17:50


Thank you so much!  This put us on the right track.  Yes, we were expecting the media file to be publishing automatically.  The users who upload the media do have permissions to publish it, but what we didn't realize is that the media types have some required metadata fields (alt text on images, for example), and those not being populated cause the auto-publishing to not happen.

By editing the media files and supplying the required metadata fields and then publishing, the /globalassets/ links work as expected for unauthenticated users.

Thank you again!

Jun 25, 2014 18:33


I have similar problem like you have. I import images from InRiver and can access them when I'm logged in, but as anonyomus user I will be redirected to login-page. As I can see they are published but cant get them to show up as anonyomus user. I publish them manually but with the same issue. Someone else with this problem?


Sep 12, 2014 9:00

Hi, I have this issue. vofflan

Oct 23, 2014 2:13

Images now are loading... any idea?

Oct 23, 2014 8:12

Hi Aldo,

The problem for us was that there were a defaultvalue set in the table [tblContentType] in db. I cant remeber the exact value but something like "DefaultMediaPreview..". Im not sure the exact columname but something like "Defaultdisplayview". We removed the values in the field and then it started to work for us. 


Oct 23, 2014 9:16

Hi Jonny:

Good to know, It that occurs again I'll tell you if that solve the issue.


Oct 23, 2014 18:11

Can also add I ran into the same problem, and we removed from tblContentType and inserted NULL instead (CTRL+0)

"EPiServer.Cms.Shell.UI.Controllers.Preview.DefaultMediaPreviewController, EPiServer.Cms.Shell.UI, Version=, Culture=neutral, PublicKeyToken=8fe83dea738b45b7"

From the line of the Default Image Controller

Jan 21, 2016 15:22
This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.