We have episerver website where I have one user ABC with all roles & second user PQR with Administrator role. I am able to login with ABC but I can't able to login with PQR, also website is not throwing any error after login with PQR. After observation I found that assigning "Webeditor" role is perfectly working for all users, if this role is not present in users role list user will not able to login into the system. I spent four days for code debuggin, changing roles, etc but still not able to find any solution on whether it is the functionality of episerver or it is bug in the system. Can anyone please help me out of this.
If you take a look at web.config, you'll find something like this:
<allow roles="WebEditors, WebAdmins, Administrators" />
<deny users="*" />
Only users/roles that are specified in this section will have access to edit mode. However, it doesn't mean that they also have access rights to create/change/delete/publish pages. That's configured in the admin mode.
If you don't get any error message when you try to log in, it means that your username and password are good, but you're not allowed to access edit mode. That functionality is part of asp.net, not something that is Episerver specific.
I wrote a blog post about virtual roles some time ago. Hope it helps: https://www.dcaric.com/blog/virtual-roles-in-episerver
Thanks for your help Dejan Caric. It solved my problem.
Great that it helped.
You should also check that there are other locations in web.config that also has these settings.
Also look in the episerver.framework section where groups are defined that should have access to the system.