Versions Compared

Version Old Version 1 New Version 2
Changes made by

Catherine Foss

Catherine Foss

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Issue summary:

Files and pages that are restricted to users based on permissions are not working as expected. Users are only able to access protected files content if they are already logged in to the site.

10 Lb Analysis: I was reviewing this with Mark and he suspects (based on how the redirects are working) the issue is related to the SSO module (ICPC-TE-SsoXP)…The problem for this access appears to be revolving around the SSO/IDP not honoring the ReturnURL redirect with DNN.

Additional areas to address:

In putting selected materials behind a login for the House of Governance page, some users had trouble viewing gated content due to:

  • Having multiple user accounts (there is no validation/verification required for an account so a user can have accounts with different permission levels)

  • There are settings in Aptify that were not configured properly and prevented users from viewing content on our site

Miro macro
accessLinkhttps://miro.com/app/live-embed/o9J_llkqRi0=?boardAccessToken=4ezm6t0LLPuvMmo8XLHFLPvzImfzvqyY&autoplay=true

Related reported bugs:

https://californiadentalassociation.atlassian.net/browse/WPD-2096

https://californiadentalassociation.atlassian.net/browse/WPD-1978

https://californiadentalassociation.atlassian.net/browse/WPD-2130

...

Work Required to Fix:

  • DNN platform upgrade with replacement of the current identity provider module

  • Implement B2C for http://cda.org

  • CSS changes in current Resource Library templates to show/hide resource sections based on user permissions (Instead of locking down entire pages, the preference was to show a summary of a resource to all members but require login to view documents and details)

Steps to Recreate the Error:

Expected Result:

  1. Un authenticated user clicks on a protected file

  2. Login screen appears

  3. Upon successful login, the requested file displays

...

  1. Unauthenticated user clicks on a protected file

  2. Login screen appears

  3. Login is successful, but an error screen appears stating that the resource has been removed

...

Link should be:

https://www.cda.org/LinkClick.aspx?fileticket=Ont4-l_m5Bg%3D&portalid=0

In a screen share with Ashley Jaros, we confirmed that she did have the correct permissions to view the file and ensured the file itself did not have issues by doing the following:

...