Disabling Auto-Login for Active Directory to prevent Auto-Login redirects

Overview

When you visit the website for the first time after the auto-login is set for the Active Directory, you and your users may experience a 302 (temporary) redirect of the page to itself. The following warning message is displayed: Could Not Follow Redirect URL requested a HTTP redirect, but it could not be followed. This article provides information on the reason why this redirection occurs and the resolution for it. 

 


 

Diagnosis

This is the default behavior of the auto-login functionality when it is set for the Active Directory authentication provider. When Active Directory is enabled, all unauthenticated requests to the site are automatically logged in with their AD user credentials. If a request does not contain the authentication.status.0 cookie when the website is visited for the first time, the response is a 302 redirect to itself.

Disabling Auto-login will also allow anonymous users to be able to log into the environment, the login module will have two separate tabs separating DNN login and Windows login.

mceclip0.png

 

Back to top


 

Solution

To prevent this issue, you will need to disable the authentication module in the web.config file, which handles the auto-login.

Your users can still log in using their Active Directory credentials on the login area.
  1. To disable the authentication module, comment out the following line in your web.config file, which is located at the root directory of the website.
      <add name="Authentication" type="DotNetNuke.Professional.Authentication.ActiveDirectory.HttpModules.AuthenticationModule, DotNetNuke.Professional.Authentication.ActiveDirectory" />
  2.  To comment out the indicated part of the web.config file, put it in between <!-- and -->. The line should look as follows: 
    <!-- <add name="Authentication" type="DotNetNuke.Professional.Authentication.ActiveDirectory.HttpModules.AuthenticationModule, DotNetNuke.Professional.Authentication.ActiveDirectory" /> --> 
  3. Clear your Server Cache and browser cache.

Please note that this change triggers an application restart. It is strongly recommended to test this practice in a development environment before applying it in the production environment.
 
If you do not want to disable auto-login, the authentication.status.0 cookie needs to be set for the user by:
  1. Access the site's main URL again after you are shown the autologin error message to bypass auto-login.
  2. Login with the AD authentication module with your AD credentials.
  3. The page then needs to be reloaded.

 

 

Testing

To test that this error is not being reproduced:

  1. Reenable auto-login by following the steps in the solution and removing the comment in the web.config file.
  2. Access the site again

If your AD user is part of AD domain, you should be logged into the site automatically.

 

 

Comments

0 comments

Please sign in to leave a comment.