How to reproduce

• Define the root of a site with limited access with "access to users logged"
• On a page defining a limited access to a group of users
• In the administration do not check the parameter "view pages with restricted access"
• Login to the front-office with a user who does not have access to the page

Behavior found

• The page is visible whereas it should not
• If the user clicks on the link to the page a 403 error is displayed

Expected behavior

• Do not display the page for unauthorized users