Feature #17418
closed
Page 404 -- check for logged in or not
0%
Description
I have a "404 - page not found" page setup and it works fine, in general.
I would like to have it display one set of content if the user is not logged (i.e. "you need to log in!") and a different message if the user is logged in (i.e. a sitemap). I have used the visibility settings on content elements to attempt this scenario (i.e. show at any login, Hide at any login).
However, the 404 renders as if not logged in, even if I am logged in. I am guessing that the 404 page does not check cookies for some reason?
(issue imported from #M5850)
Updated by Yannick Pavard almost 17 years ago
Oki, but it's correct.
Hide at login = hidden page
hidden page = not visible for visitor
If you want a good process, do not redirect user to HIDE TO LOGIN page, but to visible or page NOT IN MENU
I don't if my english is correct, but now i'm sure that 404 process is correct.
thank you for dimitry's work !
Updated by Navi about 13 years ago
- Target version changed from 0 to 4.5.8
Hello,
This bug is more then 4 years old but still seems to be present.
It's really confusing that a user seems to be logged out on the 404 page.
What is needed to fix this bug?
Updated by Ernesto Baschny almost 13 years ago
- Target version changed from 4.5.8 to 4.5.12
Updated by Mathias Schreiber almost 10 years ago
- Description updated (diff)
- Category deleted (
Communication) - Target version changed from 4.5.21 to 7.2 (Frontend)
- Is Regression set to No
Updated by Benni Mack over 9 years ago
- Target version changed from 7.2 (Frontend) to 7.4 (Backend)
Updated by Susanne Moog over 9 years ago
- Target version changed from 7.4 (Backend) to 7.5
Updated by Riccardo De Contardi over 8 years ago
- Tracker changed from Bug to Feature
- Category set to Frontend
- Target version set to Candidate for Major Version
As far as I have understood, the goal here is to render a different message/page if the requested page is password-protected and the user is not logged in, so he/she can't access it. In this case a 403 page should be more appropriate.
I change this as "feature" because it is more a feature request.
Currently, the extension "pagenotfoundhandling" can be used to handle the 403 pages as TYPO3 pages or as static pages.
Is there something I am missing or I have not understood?
Updated by Benni Mack over 5 years ago
- Status changed from New to Needs Feedback
Hey Riccardo,
I think this can be closed, as TYPO3 v9 site handling allows to use different error pages based on 404/403 status code, right?
Can you verify this?
Thanks.
Benni.
Updated by Riccardo De Contardi over 5 years ago
I tried the following tests with TYPO3 9.5.5
Test1 - setup¶
- Fresh TYPO3 installation
- Create a minimal setup for frontend users as following
- create a FE usergroup "TEST1"
- create a FE usergroup "TEST2"
- create a FE user "test" and assign it to "TEST1"
- Create the following pages
- Create a page called "404 Error"
- Create a page called "403 Error"
- Create a page called "forbidden page" and assign it the FE usergroup "TEST2"
- Edit the site configuration
- Error Handling > Create new
- HTTP Status Code: 404
- How to handle error: Show content from Page
- Show content from page: select "404 Error"
- Error Handling > Create new
- HTTP Status Code: 403
- How to handle error: Show content from Page
- Show content from page: select "403 Error"
- Error Handling > Create new
Test 1 - execution (executed with Chrome in incognito mode)¶
| FE user status | try to access a non-existent url (https://mysite/xerwq) | try to access the forbidden page (https://mysite/forbidden-page) |
|---|---|---|
| not logged in | redirected to page "404 Error" | redirected to page "403 Error" |
| logged in | redirected to page "404 Error" | redirected to page "403 Error" |
Test 2 - setup¶
- same as Test 1
- "404 Error" page >
- create a CE "Headline",
- call it "I AM NOT LOGGED IN"
- set Access > "Hide at Login"
- create a CE "Headline",
- call it "I AM LOGGED IN"
- set Access > "Show at any Login"
- create a CE "Headline",
- "403 Error" page >
- create a CE "Headline",
- call it "I AM NOT LOGGED IN"
- set Access > "Hide at Login"
- create a CE "Headline",
- call it "I AM LOGGED IN"
- set Access > "Show at any Login"
- create a CE "Headline",
Test 2 - Execution¶
| FE user status | try to access a non-existent url (https://mysite/xerwq) | try to access the forbidden page (https://mysite/forbidden-page) |
|---|---|---|
| not logged in | redirected to page "404 Error" - shows "I AM NOT LOGGED IN" content | redirected to page "403 Error" - shows "I AM NOT LOGGED IN" content |
| logged in | redirected to page "404 Error" - shows"I AM NOT LOGGED IN" content | redirected to page "403 Error" - shows "I AM NOT LOGGED IN" content |
Updated by Susanne Moog over 4 years ago
- Status changed from Needs Feedback to Accepted
Updated by Benni Mack almost 3 years ago
- Status changed from Accepted to Closed
We now have the new error handling in TYPO3 v9 PLUS the logic with the flag "subrequestPageErrors" which keeps cookies. So we're good to go in this case.