Sulu - Authentication gives no 403

33 views Asked by At

I implemented the authentication in my Sulu app. It works, i can login and logout. The Pages I restricted through the admin page dont show in the Navigation, just as I wanted.

The problem is that you still can access the restriced sites by typing the URL.

I want it to give a 403 or redirect to the login page.

Is there an option i overlooked to do that?

<security permission-check="true">
        <system>example</system>
    </security>

I activated security for my webspaces with that and followed the steps in this guide : https://docs.sulu.io/en/2.5/cookbook/user-context-caching.html

1

There are 1 answers

1
Kolyunya On

I think you might have HTTP caching misconfigured.

Try opening the restricted page in a new incognito tab and see if you'd get a 403 status when not logged in.

Other proxies between the server and the client may also be causing this behavior in case they exist.