Param redirect:on:access-denied not working

atomicitytech

Either this is a bug or I'm just not doing something right. I have the following WORKING policy:

{
    "Version": "1.0.0",
    "Statement": [
        {
            "Effect": "deny",
            "Resource": [
                "URI:/account",
                "URI:/account/my-account/",
                "URI:/account/change-account-password/",
                "URI:/account/email-password-reset-link/",
                "URI:/account/child-users/"
            ],
            "Condition": {
                "Equals": {
                    "(*string)${USER_META.BillingId}": ""
                }
            }
        }
    ]
    }

But if I add the redirect:on:access-denied param, the user is still shown "Access Denied" and the redirect does not happen. I've tried using both "frontend" and "backend". Neither one of them works. Here is what I'm trying to use:

    {
    "Version": "1.0.0",
    "Statement": [
        {
            "Effect": "deny",
            "Resource": [
                "URI:/account",
                "URI:/account/my-account/",
                "URI:/account/change-account-password/",
                "URI:/account/email-password-reset-link/",
                "URI:/account/child-users/"
            ],
            "Condition": {
                "Equals": {
                    "(*string)${USER_META.BillingId}": ""
                }
            }
        }
    ],
    "Param": [
        {
            "Key": "redirect:on:access-denied:frontend",
            "Value": {
                "Type": "URL",
                "URL": "/billing-id-not-set"
            }
        }
    ]
}

vasyl

atomicitytech the Type is case-sensitive, so the URL actually should be url:

"Param": [
        {
            "Key": "redirect:on:access-denied:frontend",
            "Value": {
                "Type": "url",
                "URL": "/billing-id-not-set"
            }
        }
    ]

This should do the trick.