Unable to load Login page

Question

0

Unable to load Login page

Kent Shilts posted 10 Years Ago

After adjusting settings on security clearances on our instance of Rock this error now exists when trying to resolve the url in web browser. The url is people.myresonateindy.com if you want to view the page error directly. I restarted the website and IIS from our external hosting page, cleared our Rock cache, and restarted Rock from within the application after finalizing the security changes.

The external site is accessible from alternate urls entered directly into a web browser and then logging in from the redirected page. Any help with what connection I broke would be greatly appreciated. Please see stack trace below

- Kent Shilts

Stack Trace:

[NullReferenceException: Object reference not set to an instance of an object.]
   Rock.Model.<>c__DisplayClass6.<GetActiveForms>b__2(WorkflowAction a) +93
   System.Linq.WhereListIterator`1.MoveNext() +56
   System.Collections.Generic.List`1..ctor(IEnumerable`1 collection) +381
   System.Linq.Enumerable.ToList(IEnumerable`1 source) +58
   Rock.Model.WorkflowActionService.GetActiveForms(Person person) +752
   RockWeb.Blocks.WorkFlow.MyWorkflowsLiquid.GetActiveForms(RockContext rockContext) in e:\hostingspaces\resonate\myresonateindy.com\wwwroot\Blocks\WorkFlow\MyWorkflowsLiquid.ascx.cs:358
   RockWeb.Blocks.WorkFlow.MyWorkflowsLiquid.GetActions() in e:\hostingspaces\resonate\myresonateindy.com\wwwroot\Blocks\WorkFlow\MyWorkflowsLiquid.ascx.cs:337
   RockWeb.Blocks.WorkFlow.MyWorkflowsLiquid.BindData() in e:\hostingspaces\resonate\myresonateindy.com\wwwroot\Blocks\WorkFlow\MyWorkflowsLiquid.ascx.cs:283
   RockWeb.Blocks.WorkFlow.MyWorkflowsLiquid.OnLoad(EventArgs e) in e:\hostingspaces\resonate\myresonateindy.com\wwwroot\Blocks\WorkFlow\MyWorkflowsLiquid.ascx.cs:240
   System.Web.UI.Control.LoadRecursive() +54
   System.Web.UI.Control.LoadRecursive() +145
   System.Web.UI.Control.LoadRecursive() +145
   System.Web.UI.Control.LoadRecursive() +145
   System.Web.UI.Control.LoadRecursive() +145
   System.Web.UI.Control.LoadRecursive() +145
   System.Web.UI.Control.LoadRecursive() +145
   System.Web.UI.Control.LoadRecursive() +145
   System.Web.UI.Control.LoadRecursive() +145
   System.Web.UI.Control.LoadRecursive() +145
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +772

1
- Rock RMS replied 10 Years Ago
Guessing a bit, but perhaps you deleted too many of the permissions. Now when you load the internal homepage it's possible that you're not logged in at all and the MyWorkflows block is generating an exception as it's expecting you to be logged in. Try this:

Proceed straight to the login page and login: http://people.myresonateindy.com/page/3

Then load the homepage http://people.myresonateindy.com/ . Assuming this page will now load.

Go back to the Sites admin page 'Admin Tools > CMS Configuration > Sites' and restore the security to the original settings. You can pattern it after the settings on the demo site (rock.rocksolidchurchdemo.com).

Thinking that should work. If not let us know. We'll also make a note to keep the MyWorkflow block from blowing up if there is no user.
Edit Answer

Guessing a bit, but perhaps you deleted too many of the permissions. Now when you load the internal homepage it's possible that you're not logged in at all and the MyWorkflows block is generating an exception as it's expecting you to be logged in. Try this: <ol> <li>Proceed straight to the login page and login: <a href="http://people.myresonateindy.com/page/3">http://people.myresonateindy.com/page/3</a></li> <li>Then load the homepage <a href="http://people.myresonateindy.com/">http://people.myresonateindy.com/</a> . Assuming this page will now load.</li> <li>Go back to the Sites admin page 'Admin Tools > CMS Configuration > Sites' and restore the security to the original settings. You can pattern it after the settings on the demo site (rock.rocksolidchurchdemo.com).</li> </ol> Thinking that should work. If not let us know.  We'll also make a note to keep the MyWorkflow block from blowing up if there is no user.
Guessing a bit, but perhaps you deleted too many of the permissions. Now when you load the internal homepage it's possible that you're not logged in at all and the MyWorkflows block is generating an exception as it's expecting you to be logged in. Try this: <ol> <li>Proceed straight to the login page and login: <a href="http://people.myresonateindy.com/page/3">http://people.myresonateindy.com/page/3</a></li> <li>Then load the homepage <a href="http://people.myresonateindy.com/">http://people.myresonateindy.com/</a> . Assuming this page will now load.</li> <li>Go back to the Sites admin page 'Admin Tools > CMS Configuration > Sites' and restore the security to the original settings. You can pattern it after the settings on the demo site (rock.rocksolidchurchdemo.com).</li> </ol> Thinking that should work. If not let us know.  We'll also make a note to keep the MyWorkflow block from blowing up if there is no user.
Guessing a bit, but perhaps you deleted too many of the permissions. Now when you load the internal homepage it's possible that you're not logged in at all and the MyWorkflows block is generating an exception as it's expecting you to be logged in. Try this: <ol> <li>Proceed straight to the login page and login: <a href="http://people.myresonateindy.com/page/3">http://people.myresonateindy.com/page/3</a></li> <li>Then load the homepage <a href="http://people.myresonateindy.com/">http://people.myresonateindy.com/</a> . Assuming this page will now load.</li> <li>Go back to the Sites admin page 'Admin Tools > CMS Configuration > Sites' and restore the security to the original settings. You can pattern it after the settings on the demo site (rock.rocksolidchurchdemo.com).</li> </ol> Thinking that should work. If not let us know.  We'll also make a note to keep the MyWorkflow block from blowing up if there is no user.
Save Cancel
0
- Kent Shilts replied 10 Years Ago
On my quest to adjust security settings I am now unable to proceed through step 2. After going directly to .../page/3 and successfully logging in I am blocked from loading the home page. I am assuming I deleted too many of the security permissions from the database as you speculated, but am unsure what to change so I can load the home page... I was attempting to change the security settings of the home page and I am wondering if for some reason these settings are interpreted as hierarchical. When I changed home page settings to allow all users to view the other pages of the internal site inherited these same settings.

My account is set as one of the administrators of the site and this is currently the view that I have when I log in. When I navigate to AdminTools>CMS Configuration>Sites and click on the lock I am blocked from changing these. From SQLManager I have removed all the security permissions from the Auth Table (not sure if I was supposed to do that), restarted the website and IIS pool from WebsitePanel, cleared my browser cache, but the one thing that I have not been able to do is clear the Rock cache. When I click on the icon in the Admin Toolbar I receive the security blocker message.
Edit Answer

On my quest to adjust security settings I am now unable to proceed through step 2. After going directly to .../page/3 and successfully logging in I am blocked from loading the home page. I am assuming I deleted too many of the security permissions from the database as you speculated, but am unsure what to change so I can load the home page... I was attempting to change the security settings of the home page and I am wondering if for some reason these settings are interpreted as hierarchical. When I changed home page settings to allow all users to view the other pages of the internal site inherited these same settings.  My account is set as one of the administrators of the site and this is currently the view that I have when I log in. When I navigate to AdminTools>CMS Configuration>Sites and click on the lock I am blocked from changing these. From SQLManager I have removed all the security permissions from the Auth Table (not sure if I was supposed to do that), restarted the website and IIS pool from WebsitePanel, cleared my browser cache, but the one thing that I have not been able to do is clear the Rock cache. When I click on the icon in the Admin Toolbar I receive the security blocker message.  <img alt="Screen Shot 2015-02-22 at 2.21.28 PM.png" src="/Content/RockExternal/Users/kdshilts/Screen Shot 2015-02-22 at 2.21.28 PM.png" />
On my quest to adjust security settings I am now unable to proceed through step 2. After going directly to .../page/3 and successfully logging in I am blocked from loading the home page. I am assuming I deleted too many of the security permissions from the database as you speculated, but am unsure what to change so I can load the home page... I was attempting to change the security settings of the home page and I am wondering if for some reason these settings are interpreted as hierarchical. When I changed home page settings to allow all users to view the other pages of the internal site inherited these same settings.  My account is set as one of the administrators of the site and this is currently the view that I have when I log in. When I navigate to AdminTools>CMS Configuration>Sites and click on the lock I am blocked from changing these. From SQLManager I have removed all the security permissions from the Auth Table (not sure if I was supposed to do that), restarted the website and IIS pool from WebsitePanel, cleared my browser cache, but the one thing that I have not been able to do is clear the Rock cache. When I click on the icon in the Admin Toolbar I receive the security blocker message.  <img alt="Screen Shot 2015-02-22 at 2.21.28 PM.png" src="/Content/RockExternal/Users/kdshilts/Screen Shot 2015-02-22 at 2.21.28 PM.png" />
On my quest to adjust security settings I am now unable to proceed through step 2. After going directly to .../page/3 and successfully logging in I am blocked from loading the home page. I am assuming I deleted too many of the security permissions from the database as you speculated, but am unsure what to change so I can load the home page... I was attempting to change the security settings of the home page and I am wondering if for some reason these settings are interpreted as hierarchical. When I changed home page settings to allow all users to view the other pages of the internal site inherited these same settings.  My account is set as one of the administrators of the site and this is currently the view that I have when I log in. When I navigate to AdminTools>CMS Configuration>Sites and click on the lock I am blocked from changing these. From SQLManager I have removed all the security permissions from the Auth Table (not sure if I was supposed to do that), restarted the website and IIS pool from WebsitePanel, cleared my browser cache, but the one thing that I have not been able to do is clear the Rock cache. When I click on the icon in the Admin Toolbar I receive the security blocker message.  <img alt="Screen Shot 2015-02-22 at 2.21.28 PM.png" src="/Content/RockExternal/Users/kdshilts/Screen Shot 2015-02-22 at 2.21.28 PM.png" />
Save Cancel
Kent Shilts

10 years ago

Found the documentation that shows the security settings are hierarchical, but I am not sure that makes logical sense for the way the pages are arranged. For example the home page to our internal site should be able to be viewed by all approved users, but when that setting is applied all users will be given access to everything. When making a change to the home page security this turns into a large project to redo the security settings on all child pages.

Frank Grand

10 years ago

Hey Kent, Has this issue been resolved for you?

Kent Shilts

10 years ago

Yes, much thanks to David Stevens this has been resolved.

Rock RMS · Accepted Answer · 2015-02-19T07:38-07:00

1

Rock RMS replied 10 Years Ago

The "out-of-the-box" security settings for the Rock RMS site are as follows:

View:
Allow Rock Administrators
Allow Staff Users
Allow Staff-Like Users
Deny All Users

Edit/Administrate/Approve:
Allow Rock Administrators
Deny All Users

The key here is to make sure that 'All Users' is denied access, and only specific roles are allowed to view that site. That will force a user to be logged in when viewing the home page.

Edit Answer

<p>The "out-of-the-box" security settings for the Rock RMS site are as follows:</p>

<p><strong>View:</strong><br />
<span style="line-height: 1.6em;">Allow Rock Administrators&nbsp;</span><br />
<span style="line-height: 1.6em;">Allow Staff Users</span><br />
<span style="line-height: 1.6em;">Allow Staff-Like Users</span><br />
<span style="line-height: 1.6em;">Deny All Users</span></p>

<p><span style="line-height: 1.6em;"><strong>Edit/Administrate/Approve:</strong><br />
Allow Rock Administrators<br />
Deny All Users</span><br />
&nbsp;</p>

<p>The key here is to make sure that 'All Users' is denied access, and only specific roles are allowed to view that site. That will force a user to be logged in when viewing the home page.</p>

<p><br />
&nbsp;</p>

<p>The "out-of-the-box" security settings for the Rock RMS site are as follows:</p>

<p><strong>View:</strong><br />
<span style="line-height: 1.6em;">Allow Rock Administrators&nbsp;</span><br />
<span style="line-height: 1.6em;">Allow Staff Users</span><br />
<span style="line-height: 1.6em;">Allow Staff-Like Users</span><br />
<span style="line-height: 1.6em;">Deny All Users</span></p>

<p><span style="line-height: 1.6em;"><strong>Edit/Administrate/Approve:</strong><br />
Allow Rock Administrators<br />
Deny All Users</span><br />
&nbsp;</p>

<p>The key here is to make sure that 'All Users' is denied access, and only specific roles are allowed to view that site. That will force a user to be logged in when viewing the home page.</p>

<p><br />
&nbsp;</p>

Save Cancel

David Stevens

10 years ago

I'm looking at this for Kent. I set the Auth rules for the homepage to the same as the ones that are on the Demo site, but that didn't allow me to see the homepage. Is there possibly a migration/script we could run to reset all the roles?

Question

0

Unable to load Login page

1

1

0