When you visit the website for the first time after the auto-login is set for the Active Directory, you and your users may experience a 302 (temporary) redirect of the page to itself. This is accomplished by the auto-login feature in the web.config file. This article provides information on the reason why this redirection occurs and the resolution for it.
- Server Administrator access to the DNN site's file structure.
This is the default behaviour of the auto-login functionality when it is set for the Active Directory authentication provider. When Active Directory is enabled, all unauthenticated requests to the site are automatically logged in with their AD user credentials. If a request does not contain the
authentication.status.0 cookie when the website is visited for the first time, the response is a 302 redirect to itself.
Disabling Auto-login will also allow anonymous users to be able to log into the environment, the login module will have two separate tabs separating DNN login and Windows login.
If you would like to disable the Auto-login redirects, you will need to disable the authentication module in the web.config file, which handles the auto-login.
- To disable the authentication module, comment out the following line in your
web.configfile, which is located at the root directory of the website.
<add name="Authentication" type="DotNetNuke.Professional.Authentication.ActiveDirectory.HttpModules.AuthenticationModule, DotNetNuke.Professional.Authentication.ActiveDirectory" />
- To comment out the indicated part of the
web.configfile, put it in between
-->. The line should look as follows:
<!-- <add name="Authentication" type="DotNetNuke.Professional.Authentication.ActiveDirectory.HttpModules.AuthenticationModule, DotNetNuke.Professional.Authentication.ActiveDirectory" /> -->
- Clear your Server Cache and browser cache.
If you would like to restore the redirect, you can just uncomment the line that you've commented out above.
- Access the site's main URL again after you are shown the autologin error message to bypass auto-login.
- Login with the AD authentication module with your AD credentials.
- The page then needs to be reloaded.
To test that this error is not being reproduced:
- Reenable auto-login by following the steps in the solution and removing the comment in the web.config file.
- Access the site again
If your AD user is part of AD domain, you should be logged into the site automatically.