Try our conversational search powered by Generative AI!
AI OnAI Off
No addon store when windows authentication is enabled
The Add-ons store is restricted to the "PackagingAdmins" group. This is a virtual role that's mapped to the WebAdmins, Administrators roles by default. You can change this mapping in web.config <virtualRoles> section if your users are not in these roles by default.
David
Feb 10, 2016 18:16
Did you try adding file access rights to everyone/all domain users to appData folder temporarily to check that you don't have any file access problem?
Feb 10, 2016 18:18
Hi,
Thanks for quick answers.
Unfortunately I've already tried both of your suggestions with no luck.
I'm running CMS 9.5 and I have installed the Google Analytics gadget from NuGet. The gadget is visible to me when authenticating with mode=Forms but not when authenticating with mode=Windows.
Feb 11, 2016 8:49
You could try resetting the views for the user. I know this has resolved some UI glitches for me in the past: Global menu > your user name > My settings > Display options > "Reset Views" button
David
Feb 11, 2016 12:01
Hi David,
To reset the views made no difference.. I think I have to contact Episerver support to solve this.
Feb 12, 2016 8:46
The probelm is the method IsInRole in the windowsPrincipal doesn't check the claims (role type).
Probably in web config you have configured to use the claims, if you remove it it should work.
<virtualRoles addClaims="false" replacePrincipal="true">
BTW: IsInRole is called from Authorization attribute on the controller in this case is the addons controller has been marked as [Authorize(Roles = "PackagingAdmins")].
Mar 08, 2016 8:56
Hi!
Addon store is not visible in top menu or direct accessible(/EPiServer/AddOns) when we have windows authentication enabled(EPiserver CMS 8.4). It works when using forms authentication. In our production enviroment we're running 7.6 and there its working fine. But our test enviroments are on 8.4.
If we try to access addon store directly via "/EPiServer/AddOns" we get another authentication prompt. We have also noticed this behavior when accessing menu item "License information" under admin. But every other admin functionality seems to work. When we search for a user under admin we can see that they have the correct groups/roles.
We have tried granting PackagingAdmins to "Everyone" but the problem persists. If we change authentication mode to "Forms" it works. Our user source is Active Directory and the server is a member of the domain.
This is a snippet from our web.config
One thing that we noticed is when using forms we get signed as the username without domain name and with windows authentication the username is "domain\username". But the groups/roles are identical.
Does anyone have an idea what seems to be the problem?