Press ESC to close

Debugging Sites Authorization Required Error ! sites redirects to “Authorization Required” page in case something goes wrong behind the scenes, for ex.

  • The Site’s public access settings or user profile doesn’t have access to a Page, Object, field etc used in the visualforce page / controller.

  • In case of Apex Exceptions like, LimitException.

  • Etc

“Unauthorized” page makes sense in case of missing access problem. But in case of Exceptions ideally the redirect should be the “Exception” page.
End user obviously can’t figure out anything by seeing the page. So how should developers debug this problem ?

Debugging the cause of Authorization required error.

Test  Fixture

To reproduce this problem, easily for all. I just created a super simple VF page. This VF page fails for Authorization required error, because it tried to do “DML” inside the Controller’s constructor. Details of both page and controller are available in code snippets below.

VF Page
<apex:page controller="MyPageController">
    <apex:outputLabel for="contactName" value="Created Contact :"></apex:outputLabel>
    <apex:outputField id="contactName" value="{!contact.Name}"/>                    
public class MyPageController {
    public  Contact contact {get;set;}
    public MyPageController () {        
     // We are not allowed to do DML in constructor.
  // So this should reproduce the Autorization error on sites
  // pretty easily
        contact = new Contact(FirstName='Failing', LastName ='Contact'); 
        insert contact;

On executing this page with sites, you will get “Authorization Required” error, as shown:


Next we will see approaches to debug the cause of this issue.

Debug Approach 1

The first approach to debug this problem would be to 

  • Enable debugging for “Sites User”, under Setup > Monitoring > Debug Logs.

  • Refresh the page failing for “Authorization” error.

  • Check what comes in debug logs.

The above approach will work most of the time and will let developers know, why “Authorization Required” page is shown. In our case, debug logs clearly say “DML currently not allowed”, as shown in screen shot below.


But sometimes on “Authorization” error no debug logs are generated, even if you have enabled debug logging for the user. In that case jump to Approach 2, described below.

Debug Approach 2

Login in your Salesforce org. Make sure you have turned on “Development Mode” under “Setup > Personal Information > Development Mode”.  Try running the same Visualforce page, without the sites domain i.e. execute the page just like any other visualforce page for ex.

https://<Node&gt;<Sites Page Name>”

As development mode is on, one should see the error cause on the page itself. As shown in screen shot below


Still, if you can’t see any error on the visualforce page, jump to Approach 3 described  below:

Debug Approach 3

In this approach we will create another sites page, that calls the failing sites page via Apex API, i.e.


Lets call that sites visualforce page “Error Finder”. Following is the visualforce + apex code for this new page.

Visualforce Page – ErrorFinder
<apex:page controller="ErrorFinderController"  action="{!fetchFailingPage}" showHeader="false" sidebar="false" >
    <apex:outputText id="failingPageResponse" escape="false" value="{!failingPageResponse}" />
Apex Controller – ErrorFinderController
public class ErrorFinderController {
    public String failingPageResponse { get; set; }
    public void fetchFailingPage() {
       try {
           // Make a call to failing sites page here
           failingPageResponse = Page.mypage.getContent().toString();
       } catch (Exception e) {
           failingPageResponse = e.getTypeName() + ' : ' + e.getMessage() ;

On executing this page after connecting with sites, you will see why sites page “mypage” was showing Authorization required error. Here is the screenshot of the errorfinder sites page:


More over you can also try “Debug Approach 2” described above, i.e. looking into debug logs at “Setup > Monitoring > Debug Logs” for the sites user. You will get better details of error, if debug logs are available for the failing “mypage”.

More ideas/ways you know ?

Please share any thoughts or better ideas to know the cause of such sites page errors.

Comments (4)

Leave a Reply

%d bloggers like this: