Joomla! Discussion Forums

After patching version 1.0.12 to 1.0.14, I now am unable to login at the front end and when I try I get this error message
[code]You are not authorised to view this resource[/code
Seems to be a few ythings that have caused this in the past but my jos_users is able to have 100 characters
I can access via admin but when I go back to the frontend I can not access anything as a user or admin, I get prompted to login


any help appreciated

The same issue was being discussed over here but without any resolution.

I'm still having the problem. Last night I installed Shoutbox 1.2 on my site and the "you are not authorised" problem occurred again the next time I logged in. The only solution I've found so far is to delete my cookies and log in again. That works every time, but it certainly is a hassle.

thanx for the heads up. I'll follow the topic over at the link provided.

hopefully someone will find a solution soon

I have just setup a test site to so I can update my production site frm 1.0.12 to 1.0.14 and I too am seeing the dreaded "You are not authorised to view this resource".

We just did a 1.0.12 > 1.0.14 upgrade & none of our users can login via the front end, either. For us, though, the page simply refreshes, & doesn't log the user in. I am now reading about all of the issues that 1.0.13 had, & am wondering if upgrading our CB version from 1.0.2 to 1.1 may fix things.

We are not using CB.

We do have JCS installed, as this affect 2 different user management components I woulld think it is something in the base that has changed.

I found the problem!!!

The session table is not being updated with the correct "gid" for the user

I manually changed the "gid" in the sessions table to the correct level and everything works.

Now to find the cause of the session table not being built correctly. It would be nice if a Joomla Guru would poke their head in this post.

I want say my experience:
I had the same problem and I found solution upgrading with the full package release.
In particulary I want evidence the index2.php file not compare in pach package but in my website was different...
My english is bed but I hope to help someone.

I had the same errors and I found this solution on another web site. I tried it and it worked for me. I hope that it works for you as well. Good luck!

====================================================================================

ok, I have found a solution. The problem was the Itemid of the categories. They where still the "old" one (i've got linked the component mosdirectory before in the usermenu for registered only to test something).

To solve the problem you've got to do this:
1. DELETE THE OLD MENULINKS IN ANY MENU (othermenu, usermenu.. if there was the component linked - unpublish them is not enough - trash them).

2. GO TO THE TRASHMANAGER AND SELECT from the drop down menu on the upper right side "MENU ITEMS" (standard is "CONTENT ITEMS").

3. THEN DELET ALL OLD MENUITEMS.

And now it works fine :-)

Hmm. I tried that, but no luck.

Anyway, I have a different twist on the "You are not authorised to view this resource" thing --

It only happens when I add a value string parameter to the URL.

i.e.

http://profilereferral.com/content/view/42/56/ -- That's just fine.

but if I try to add tracking, i.e.

http://profilereferral.com/content/view/42/56/?=ad1 -- I get the "You are not authorized..." devil!

Any thoughts?

Well, I don't have a solution, but I have a work-around.

If I take a url that end in, say,

/content/section/5/27/

and use instead

/index.php?option=com_content&task=view&id=42&Itemid=56

--- then I can use a variable after the URL for improved landing page analytics and tracking.

This will work in a pinch, but I'd like a better answer, so...

Bump.

(PS -- this is only for content/section pages. If the page has a component in the URL, say "Weirdly, if the URL has a component in it, say, "/component/option,com_wrapper/Itemid,59" then I don't have to convert to an index.php string to get my tracking to work properly.)

Backup your old .htaccess file, assuming you have SEF installed, replace weddingq.com with your website name.
Use the following as your new .htaccess file.
It worked for me.



##
# @version $Id: htaccess.txt 5975 2006-12-11 01:26:33Z robs $
# @package Joomla
# @copyright Copyright (C) 2005 Open Source Matters. All rights reserved.
# @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
# Joomla! is Free Software
##


#####################################################
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations. It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file. If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's. If they work,
# it has been set by your server administrator and you do not need it set here.
#
# Only use one of the two SEF sections that follow. Lines that can be uncommented
# (and thus used) have only one #. Lines with two #'s should not be uncommented
# In the section that you don't use, all lines should start with #
#
# For Standard SEF, use the standard SEF section. You can comment out
# all of the RewriteCond lines and reduce your server's load if you
# don't have directories in your root named 'component' or 'content'
#
# If you are using a 3rd Party SEF or the Core SEF solution
# uncomment all of the lines in the '3rd Party or Core SEF' section
#
#####################################################

##### SOLVING PROBLEMS WITH COMPONENT URL's that don't work #####
# SPECIAL NOTE FOR SMF USERS WHEN SMF IS INTEGRATED AND BRIDGED
# OR ANY SITUATION WHERE A COMPONENT's URL's AREN't WORKING
#
# In both the 'Standard SEF', and '3rd Party or Core SEF' sections the line:
# RewriteCond %{REQUEST_URI} ^(/component/option,com) [NC,OR] ##optional - see notes##
# May need to be uncommented. If you are running your Joomla!/Mambo from
# a subdirectory the name of the subdirectory will need to be inserted into this
# line. For example, if your Joomla!/Mambo is in a subdirectory called '/test/',
# change this:
# RewriteCond %{REQUEST_URI} ^(/component/option,com) [NC,OR] ##optional - see notes##
# to this:
# RewriteCond %{REQUEST_URI} ^(/test/component/option,com) [NC,OR] ##optional - see notes##
#
#####################################################


## Can be commented out if causes errors, see notes above.
Options +FollowSymLinks

#
# mod_rewrite in use

RewriteEngine On


# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla!/MamboDirectory (just / for root)

# RewriteBase /


########## Begin - Joomla! core SEF Section
############# Use this section if using ONLY Joomla! core SEF
## ALL (RewriteCond) lines in this section are only required if you actually
## have directories named 'content' or 'component' on your server
## If you do not have directories with these names, comment them out.
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
#RewriteCond %{REQUEST_URI} ^(/component/option,com) [NC,OR] ##optional - see notes##
RewriteCond %{REQUEST_URI} (/|\.htm|\.php|\.html|/[^.]*)$ [NC]
RewriteRule ^(content/|component/) index.php
#
########## End - Joomla! core SEF Section



########## Begin - 3rd Party SEF Section
############# Use this section if you are using a 3rd party (Non Joomla! core) SEF extension - e.g. OpenSEF, 404_SEF, 404SEFx, SEF Advance, etc
#
#RewriteCond %{REQUEST_URI} ^(/component/option,com) [NC,OR] ##optional - see notes##
#RewriteCond %{REQUEST_URI} (/|\.htm|\.php|\.html|/[^.]*)$ [NC]
#RewriteCond %{REQUEST_FILENAME} !-f
#RewriteCond %{REQUEST_FILENAME} !-d
#RewriteRule (.*) index.php
#
########## End - 3rd Party SEF Section



########## Begin - Rewrite rules to block out some common exploits
## If you experience problems on your site block out the operations listed below
## This attempts to block the most common type of exploit `attempts` to Joomla!
#
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
#
########## End - Rewrite rules to block out some common exploits

One other thing with the You are not authorized. Check your login redirect in the mod_login. it may point to a page that no longer exists or has been messed with during the upgrade.

by the way it is probably not a bad idea to leave off the site URL and start the redirects with index.php?.....

Have a nice day: in order to solve problems related to 403 errors, is very usefull to read this...

http://forum.joomla.org/viewtopic.php?t=19443

If you follow the instructions there one by one you will be able to find a solution to your problem, thanks...

---------------------------------------------------------------------------------------
Help you help me

Hi there

I still have the same problem

"You are not authorised to view this resource."

I try all the fixes from above and new "Tips.You are not authorised to view this resource." link above, no slution yet.

This is what is happening:
At my homepage, if you click any of the item from Latest promotion (in green)
http://bestbonusmoney.com/content/view/193/191/
you will see the error.

I tried this :

-clear cashe
- turn off cashe
- set all links, modules, menus to PUBLIS
- using HPmyadmin deleted all seessions in jos_sessions table
- and many other tips from this forum
only I havent found "gid" in the sessions table mentioned above.

and nothing worked !

Can anyone help ?

anyone has idea about this ?
I noticed that in all items published in Latest news module have same item ID

http://www.bestbonusmoney.com/index.php ... iew&id=76&Itemid=191
http://www.bestbonusmoney.com/index.php ... iew&id=71&Itemid=191
but it should be different !

Any fix for this ?

I have found that I am getting the "You are not authorised to view this resource" message on news items. The items are valid and published and show for all users on the news Blog page.

The standard latest news module shows the link to the news itme but when I click on the news item link I get the dreaded "You are not authorised to view this resource" message. This occurs a lot when creating new news items. The show up in the BLOG but not via a link.

These are the things that each suffering news item has in common:

The names of the news items are long
The news names often contain a non-text character such as !
The news item has a name but no alias title

Also,

Artio JoomSEF is enabled
Default Cache-ing is disabled, Page Cache is enabled

To get round this I have tried a lot of different fixes but in the end I have a solution, of sorts.

I clear the cache (through Pagecache) and turn off cacheing
I clear the Artio Joom SEF cache
I temporarily disable the Pagecache component.
I shorten the news item name and remove any non-alpha numeric characters

These often fix the problem.

Finally, if the problem persists I do the following:

A news item can have intro text and main text. I always make sure there is some text in both text areas, this causes a "read more" link to appear on the BLOG page. This appears to be beneficial to reducing the occurrence of this message.

Finally if it still occurs then you need to copy the offending article, recreating a new article of the same name, unpublish the old.

Finally if the article appears as it should, turn the page cacheing back on.

Yereverluvinunclebert

Hi
neither of those solutions helped me.

But after all I found one

Istalled 3rd party news component and everything is working.

which component?

actually it is a module
http://extensions.joomla.org/component/ ... Itemid,35/
RokLatest, go check your self

I have been receiving the horrible old message once again:

"You are not authorised to view this resource You need to login"

This has been occurring when I've been using Joomla 1.0.15 and the myContent Component! version: 1.1.13 to enter new content from the front end.

I also have a module, mod_latest_created_updated_date, which shows a list of the most recently Created or Updated Content Items.

This module works correctly for any item created using the normal methods displaying each item and linking across as you would expect. However, when you create a content item using mycontent the link shown by mod_latest_created_updated_date shows : "You are not authorised to view this resource You need to login"

All other links working fine, just the new links in this module created using mycontent were adversely affected.

I have tried to analyse the content, the URL's generated but initially no solution found.

Then I looked into the Artio configuration: and tried to find something that might affect the problem, changed this config. item.

Do not remove SID from SEF URL? to 'yes', cleared all caches, then the problem went away

My last post was incorrect. Even after my mucking about it started happening again.

I finally figured it out. There is a minor conflict between MyContent and Artio JoomSEF.

When MyContent creates a new content item it uses the incorrect item id. Joomla seems to have an item id for all content, modules &c. When Mycontent creates a new content item it picks up the default item id for the mycontent component rather than for the content item category.

Once an item has been created with the wrong item id Artio creates a SEF URL for the newly created item with an incorrect itemid. So, in general links to the SEF URL don't work as it is using the wrong itemid. A quick work around is to remove the original SEF URLs generated by Artio.

A quick change to the component PHP code forcing it to use the static content itemid is another workaround (which is what I did) but the MyContent component really needs a fix.

I am no PHP programmer so this beyond me.

Yereverluvinunclebert