Hi
I would like to stop users browsing a change password page which is located before the user logs in so it is set as a public page.
I have created an authorization scheme where I am trying to restrict access from users browsing to this page using the following approach.
Item in Expression is NULL
For the page item name I am selecting a form field that contains a GUID P102_GUID
This contains a value which is contained within a link in the forgot password email, and is included in the URL I.E. p=2:102:::NO:RIR:P102_GUID:OETC.....
But the authorisation scheme is not working as it is blocking access to the page whether there is a GUID defined in the URL or not.
When would should be happening is if this field is NULL which it should be if a user browses just to the page without a GUID it should be restricted and if they are genuinely visiting the page from a forgot password link in their email then they should be able to view the page
Does any body have any thoughts on why this isn't working as it should?