Skip to main content

Redirect restricted media items with ReturnURL

Sitecore can redirect the user to login page if the requested item is restricted for anonymous users. This can be done in the Site configuration. 

requireLogin="true"
loginPage="/redirectpage"

There are two differences in this redirection. For Sitecore item, it will be redirected with returnURL querystring with source url. For Media item, querystring is not added. 

In one of the project, we had to handle the redirection based on the source url for the Sitecore Media items. To achieve this, MediaRequestHandler can be modified and it will return a query parameter with source URL. Please make sure to update the <handler> with the new class and assembly name. 

        /// <summary>
        /// Performs the actual request processing.
        /// </summary>
        /// <param name="context">
        /// The context.
        /// </param>
        /// <returns>
        /// The do process request.
        /// </returns>
        protected override bool DoProcessRequest(HttpContext context)
        {
            Assert.ArgumentNotNull(context, "context");
            MediaRequest mediaRequest = MediaManager.ParseMediaRequest(context.Request);
            if (mediaRequest == null)
            {
                return false;
            }
            Media media = MediaManager.GetMedia(mediaRequest.MediaUri);
            if (media == null)
            {
                using (new SecurityDisabler())
                {
                    media = MediaManager.GetMedia(mediaRequest.MediaUri);
                }
                string text;
                if (media == null)
                {
                    text = Sitecore.Configuration.Settings.ItemNotFoundUrl;
                }
                else
                {
                    Assert.IsNotNull(Context.Site, "site");
                    text = ((Context.Site.LoginPage != string.Empty) ? Context.Site.LoginPage : Sitecore.Configuration.Settings.NoAccessUrl);
                }

                UrlString urlString = new UrlString(text);
                if (string.IsNullOrEmpty(urlString["returnUrl"]))
                {
                    urlString["returnUrl"] = WebUtil.GetRawUrl();
                    urlString.Parameters.Remove("item");
                    urlString.Parameters.Remove("user");
                    urlString.Parameters.Remove("site");
                }
                WebUtil.Redirect(urlString.ToString(), false);

                return true;
            }
            return this.DoProcessRequest(context, mediaRequest, media);

        }

In the web.config, <handler> tag has to be updated with new class and assembly name. 

      <add verb="*" path="sitecore_media.ashx" type="CustomHandler.MediaRequestHandler, CustomHandler" name="Sitecore.MediaRequestHandler" />

Popular posts from this blog

How to use SecurityDisabler and UserSwitcher in Sitecore v6.5 – 6

If current context user doesn’t have permission to access this item, Sitecore will return null or throw exception. 
Note: It is recommended to provide context user with appropriate rights than using SecurityDisabler or UserSwitcher.SecurityDisabler:  !SecurityDisabler will elevate the context user to have administrative privilegeand so context user will be able to do anythingon the system.new Sitecore.SecurityModel.SecurityDisabler();UserSwitcher:UserSwitcher allows a segment of code to run under a specific user instead of current context user. new Sitecore.Security.Accounts.UserSwitcher(Sitecore.Security.Accounts.User.FromName("username",false));Sample Code        ///<summary>/// Code snippets explaining SecurityDisabler and UserSwitcher///</summary>privatevoid SecuritySample()        {//Getting Master Database            Sitecore.Data.Database masterDB = Sitecore.Configuration.Factory.GetDatabase("master");//Getting a Sitecore Item            Sitecore.…

How to access Sitecore Items in Code Behind (Sitecore v6.5) – 4

To get a Sitecore Content Item, use Sitecore.Data.Database.GetItem(Path)
­Sitecore Content Item Class: Sitecore.Data.Items.Item(Get Sitecore Item from “/sitecore/content/Home/myItem”)Sitecore.Data.Database master = Sitecore.Configuration.Factory.GetDatabase("master");Sitecore.Data.Items.Item myItem = master.GetItem("/sitecore/content/Home/myItem");If item does not exist or current context user doesn’t have permission to access this item, Sitecore will return null or throw exception. Case is Insensitive while using path to get the items.To get a Sitecore Template Item, use Sitecore.Data.Database.GetTemplate(ID)­Sitecore Template Item Class: Sitecore.Data.Items.TemplateItem(Get Template Item: Folder Template)Sitecore.Data.Items.TemplateItem item = master.GetTemplate(Sitecore.TemplateIDs.Folder);To get a Sitecore Media Item, use Sitecore.Data.Database.GetItem(Path)­Sitecore Media Item Class: Sitecore.Data.Items.MediaItem(Get Media Item from “/sitecore/content/Media Lib…

How to enable Single Sign On in Sitecore with Active Directory Users and Roles

(Assuming that reader has knowledge on Single Sign On)

Single sign on functionality needs the site not to be in anonymous authentication. In IIS, Basic or Windows authentication should be enabled.
How to enable windows authentication in IIS?
Single sign on functionality comes along with Active Directory Module from Sitecore. You can get the latest version from SDN. This module integrates AD to the Sitecore instance. This module needs the LDAP path and few provider configuration settings in web.config file.
SDN Link: http://sdn.sitecore.net/Products/AD/Download.aspx
This module installs LDAP dll, configuration and few aspx pages. Once installed, we get the LDAP login page under /website/Sitecore/admin/ldaplogin.aspx. Along with that, we will be having few more roles in Sitecore.
sitecore\Sitecore Client Account Managing sitecore\Sitecore Client Authoring sitecore\Sitecore Client Configuring sitecore\Sitecore Client Designing sitecore\Sitecore Client Developing sitecore\Sitecore Client Forms Autho…