Not Found page seen instead of Login Prompt when logged out and navigating to private pages
Dia Seung
更新
Issue
When not logged in, and user attempts to navigate to private page's URL, instead of being prompted to log in, a 'Not Found' page is seen instead.
Environment
DXP 7.4
Resolution
In DXP 7.3, when users are not logged in and they navigate to a private page's URL, they are prompted to login. This behavior is controlled by the portal property auth.login.prompt.enabled, which is set to true by default in DXP 7.3.
If auth.login.prompt.enabled is set to false, the expected behavior is for all users that have no entitlements to view the resource to be informed that a requested resource is not found, with no prompts for login.
However, the auth.login.prompt.enabled is no longer available in DXP 7.4, and is disabled by default to comply with OWASP best practices. (Change applied by LPS-141291)
To re-enable the login prompt for privates pages in DXP 7.4, depending on the scope you'd like to set the behavior for (System, Instance, or Site), additional configuration in the Control Panel must be set.
For System Level scope, the following instructions can be used:
Navigate to Control Panel > System Settings > Login