Even if logged in the backend, basic authentication dialog opens up when accessing frontend resources (frontend site, backend preview or BLE with previews) #12529
Comments
|
Hi @simonech, We're writing to let you know that we would love some help with this issue. We feel that this issue is ideal to flag for a community member to work on it. Once flagged here, folk looking for issues to work on will know to look at yours. Of course, please feel free work on this yourself ;-). If there are any changes to this status, we'll be sure to let you know. For more information about issues and states, have a look at this blog post. Thanks muchly, from your friendly Umbraco GitHub bot :-) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Which exact Umbraco version are you using? For example: 9.0.1 - don't just write v9
9.5.0
Bug summary
The basic authentication dialog pops up when browsing the site, even if you are authenticated already in the backend.
It also pops up in the backend when looking at the preview from the backend or if a BLE contains a component whose preview references to urls outside of /umbraco.
Specifics
The workaround is to login first in the frontend and then go to the backend.
I see a small difference in the ways cookies are set:
when logging in via the backend, the UMB_UCONTEXT is set with expiration of one hour
while when logging in via basic auth dialog the same cookie is set as "session"
Steps to reproduce
Expected result / actual result
You should be able to browse the site, without the basic auth dialog popping up.
But you get the dialog (and interestingly, if you cancel you can still browse the site).
Obviously if you login again everything works, but is annoying to login twice.
The workaround is to login first in the frontend and then go to the backend. But login in the frontend is via basic auth instead of via a proper login screen, so more prone to "interception".
The text was updated successfully, but these errors were encountered: