• Not Answered

The provided anti-forgery token was meant for user "sitecore\123456", but the current user is "extranet\123456"

Hi,

 

I am upgrading from Sitecore 6.6 to 9 using the migration tool.  On a page we have a dropdown with 3 options for normal, edit and preview mode and when a user switches from normal to edit/preview, we have a custom pipeline that will automatically login the user from extranet domain to Sitecore domain skipping the Sitecore login page and takes the user to edit/preview mode. This pipeline is also used while impersonating users.

 

This all works fine in Sitecore 6.6. But this is NOT working in Sitecore 9. With this pipeline, if I go to the preview mode I get this error: The provided anti-forgery token was meant for user "sitecore\123456", but the current user is "extranet\123456"

 

The pipeline (Test) in Sitecore.config is placed after Layout Resolver. Is this the correct place to intercept the process and automatically login or impersonate a user?

 

Any suggestion/advice is appreciated!!

 

Thanks,

Deeksha

 

code:

if (Context.Domain.Name == SITECORE )
{
   string username = SITECORE + "\\" + Context.User.LocalName;
   username = username.ToLower();

   util.WebUtil.SetImpersonatorEmployeeNumber(string.Empty);

   if (!string.IsNullOrEmpty(username) && !username.Contains("anonymous") && Sitecore.Security.Accounts.User.Exists(username)
      && !Context.RawUrl.ToLower().Contains("xhtmlvalidator") && !Context.RawUrl.ToLower().Contains("analytics") && username != Context.User.Name.ToLower())
   {
       AuthenticationManager.Login(username);
   }
   else if (Context.IsLoggedIn && Context.RawUrl.ToLower() == "/sitecore/shell/default.aspx" && !Sitecore.Security.Accounts.User.Exists(username))
   {
       Context.Logout();

   }
}

 

sitecore.config:

<httpRequestBegin>
<processor type="Sitecore.Pipelines.PreprocessRequest.CheckIgnoreFlag, Sitecore.Kernel" />
<processor type="Sitecore.Pipelines.HttpRequest.EnsureServerUrl, Sitecore.Kernel" />
<processor type="Sitecore.Pipelines.HttpRequest.StartMeasurements, Sitecore.Kernel" />
<processor type="Sitecore.Pipelines.HttpRequest.IgnoreList, Sitecore.Kernel">
<prefixes hint="list">
</prefixes>
</processor>
<processor type="Sitecore.Pipelines.HttpRequest.SiteResolver, Sitecore.Kernel" />
<processor type="Sitecore.Pipelines.HttpRequest.UserResolver, Sitecore.Kernel" />
<processor type="Sitecore.Pipelines.HttpRequest.DatabaseResolver, Sitecore.Kernel" />
<processor type="Sitecore.Pipelines.HttpRequest.BeginDiagnostics, Sitecore.Kernel" />
<processor type="Sitecore.Pipelines.HttpRequest.DeviceResolver, Sitecore.Kernel" />
<processor type="Sitecore.Pipelines.HttpRequest.LanguageResolver, Sitecore.Kernel" />
<processor type="Sitecore.Pipelines.HttpRequest.CustomHandlers, Sitecore.Kernel" />
<processor type="Sitecore.Pipelines.HttpRequest.QueryStringResolver, Sitecore.Kernel" />
<processor type="Sitecore.Pipelines.HttpRequest.DynamicLinkResolver, Sitecore.Kernel" />
<processor type="Sitecore.Pipelines.HttpRequest.AliasResolver, Sitecore.Kernel" />
<processor type="Sitecore.Pipelines.HttpRequest.DefaultResolver, Sitecore.Kernel" />
<processor type="Sitecore.Pipelines.HttpRequest.FileResolver, Sitecore.Kernel" />
<processor type="Sitecore.Pipelines.HttpRequest.ItemResolver, Sitecore.Kernel" />
<processor type="Sitecore.Pipelines.HttpRequest.DeviceSimulatorResolver, Sitecore.Kernel" />
<processor type="Sitecore.Pipelines.HttpRequest.LayoutResolver, Sitecore.Kernel" />
<processor type="Test.Pipelines.LoginOverride, Test" />
<processor type="Sitecore.Pipelines.HttpRequest.ExecuteRequest, Sitecore.Kernel" />
</httpRequestBegin>