New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix Control Panel Authentication for Sitecore 9.1 #328

Merged
merged 2 commits into from Dec 29, 2018

Conversation

Projects
None yet
2 participants
@coreyasmith
Copy link
Contributor

coreyasmith commented Dec 28, 2018

Fix Authentication Issue in 9.1

Fix control panel authentication issue for 9.1 raised in issue #326. Sitecore 9.1 requires any URL path that does not map to a site (e.g., /unicorn.aspx) be added to the "Site Neutral Paths" in the owin.cookieAuthentication.validateIdentity pipeline for the Context User to be resolved properly. Without this, the Context User will always be resolved as extranet\anonymous.

The config changes required for this are not compatible with 9.0.X
The owin.cookieAuthentication.validateIdentity pipeline doesn't exist in 7.X and 8.X, so this config change is benign in those versions. The pipeline does exist in 9.0.X, but the ValidateSiteNeutralPaths processor doesn't, so patching this change in to 9.0.X will cause exceptions. For the time being, I've added this change in a new config file that's disabled by default: Unicorn.UI.IdentityServer.config.disabled.

Sitecore 9.1 introduced a new config role, security, that I tried to use so these config changes won't affect 9.0.X; however, since security:define isn't set in the 9.0.X Web.config app settings, security:require is ignored and the config changes get applied anyway.

We have a few options to approach this:

  1. Instruct 9.1+ users to enable Unicorn.UI.IdentityServer.config.disabled in their solution.
  2. Enable Unicorn.UI.IdentityServer.config by default, and instruct 9.0.X users to disable it in their solution.
  3. Enable Unicorn.UI.IdentityServer.config by default, and instruct 9.0.X users to add <add key="security:define" value="undefined" /> to the app settings in Web.config. 👎
  4. @kamsar suggested that we could create a 9.1+ version of the Unicorn NuGet package with the necessary config changes enabled by default. This would also give us a chance to move the configs to the \App_Config\Modules folder.

Fix Redirect after Login Issue in 9.1

In PR #315 we changed the login URL from /sitecore/admin/login.aspx to /sitecore/login. This URL works on 9.1, but you get sent to the Launch Pad instead of /unicorn.aspx after logging in through the Unicorn control panel. The login URL defined on the context site respects the redirectUrl in 9.1, and it is also backwards compatible down to 7.0.

Verified

I verified that these changes work on the following versions:

  • 8.0 Initial Release
  • 8.2 Update-7
  • 9.0 Update-2
  • 9.1 Initial Release.

coreyasmith added some commits Dec 28, 2018

@cassidydotdk cassidydotdk merged commit c2eb4fb into SitecoreUnicorn:develop Dec 29, 2018

@cassidydotdk

This comment has been minimized.

Copy link
Collaborator

cassidydotdk commented Dec 29, 2018

Fixes #326

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment