I have different Kentico microsites (site 1, site 2) that are password protected. Each site has a separate pair of userid/pw to log in (site 1 > userid1/pw1; site 2 > userid2/pw2). The problem I have is there are a couple of users that have access to both sites, so if they log into site 1, they can't right away log into site 2 without having to clear cache first.
I understand it's not a good practice to do the above, but to temporarily fix the issue at hand, is it possible to automatically end users' current session (log them out so to speak) when they visit certain page. That way those users can log in site 1 and 2 more easily.
I only have access to admin but don't have access to backend, file system stuff. Thanks!
My suggestion would be to create a custom web part which does checking to see if the current user has access to given microsite. If not, log them out. This web part would be placed on the master page template of each microsite.
Another option is to assign roles to the user(s). This would allow one user account for 1 person across multiple microsites.
Related
I have some set of documents and want to password protect them with one set of userid/password for each group of users. It's like this:
All users in group 1 can access domain.com/survey1/ with userid1/password1
All users in group 2 can access domain.com/survey2/ with userid2/password2
etc....
Outside of Kentico, I can go to the webhosting control panel and apply password to any folders.
With Kentico (global admin privilege, no backend/server access) I'm not sure if this is possible and if yes, how to do it. Thanks for your input.
Note: I've tried creating a custom login page using the Logon Form webpart; set the destination URL for the Logon Form to a landing page that lists links to the docs; then added the mentioned docs as subpages; added new user (userid1/password1) through Users app and also under Properties/Security. But this didn't work as expected.
Michelle, basically you want a group of user share a single username/password combination, right? Which is basically a "group" of people all use a single "user" account in CMS.
So first you setup user account like user1/pw1, user2/pw2.
Then in you content tree, go to /survey1 > Properties > Security > set it to requirement authentication. Then add user1 to have READ permission. Do the same for other folders.
Then in a different browser session which you are not logged in, try to hit yoursite.com/survey1, it should redirect you to a login page, once you login with user1/pw1, it should route you back to /survey1.
If you have created your own login page like /mylogin.aspx, then go to Settings application > Settings > Security & Membership > Content > Website logon page URL, and add that ~/mylogin.aspx there, so when visitor is prompt for login, it will be that page.
On our intranet, I want to provide a website that certain employees can access. The work they do on the site will be recorded and tagged with their user-name for identification if the need should arise. Of course users have already logged in to their workstation and they have supplied credentials to our Active Directory.
Rather than maintain an additional set of user logins and passwords for the website, and forcing users to enter this second set of credentials, I am wondering if they can just be silently authenticated when they pull up the site? Somehow the webpage would have to find out their Active Directory user name as known on their workstation. (I see no reason it would need their password.) And then, for their work, the website can store their actions tagged with their user name.
So: I'd log in to my workstation as "Mark" in domain "ONU-AD". I'd pull up the webpage "resolveticket.php". That page would not challenge me for credentials, but it can access my username and store that with my various actions.
NOTE: I have seen some questions and answers here that were more specific. But my initial question is general: is there a piece of tech that can help with this? What is it? (for example, should I try to do this with Java?) Many similar questions are about ways to get this information in a server-side script. But I am simply wanting the webpage sitting on the client computer to be able to get the user name and perhaps place it in an input (type="hidden") on a web form.
I have a requirement to always prompting of log in information for users in SharePoint site rather than taking their logged in credentials.
Any idea??
Depending on the setup you have.
You could just remove the SharePoint site from the trusted sites or local intranet under IE's security tab using a group policy.
This will cause a prompt every time they go to the site.
you need to reverse the steps found here
Regards,
Vince
I'm using Google Apps for Business.
Currently I have two separate domains.
abc.com and xyz.com
Customer enquiries flow into each website separately. However, the staff who respond to enquiries are responsible for both websites.
For convenience,I have embedded each enquiry group inside my intranet.
I have two tabs, one for support#abc.com and another for support #xyz.com
However, only one group is viewable at a time, depending on whether my staff are logged in as staff#abc.com or staff#xyz.com
Ideally, I would like to change the current login session depending on which tab is clicked.
Basically, I want to be able to login to Google Apps without entering user/pass.
Is this possible?
Its not possible unless you save the password in the browser.
Really easy if you create two separate chrome users and log into chrome in both.
Voila.
So yes, this is not possible. I have solved the issue by creating a third domain and routing all enquiries through there. This way our staff members only need to be logged into a single account. Not what I was hoping for, but it certainly does the job.
Here's the scenareio:
I have a single site collection, with the publishing infrastucture feature activated. Seveal levels below this I have a publishing site with the publishing features turned on. I also have unique permissions for this site.
The problem is that no one except site collection administrators can "Create Page". I have given the individuals everything including full control, and they still can not create pages. They can edit pages, but not create.
Am I doing something wrong? What is the proper way to set up the taxonomy of a site? I am trying to create a hierarcy to match my organization and mostly am using unique permissions on each site/subsite. This is working ok, until i needed a publishing site, but I don't want him to be a site collection admin. I would appreciate any help or ideas with how to make the publishing site work as I have it, or guide me on the proper way to lay out the site.
The fact that you are using Publishing features shouldn't have an effect on permissions. Publishing (for the most part) really has more of an effect on how edits are handled - i.e. immediately deployed or checked in and published at a later point. That's oversimplifying it - but back to your question.
Most likely - what is happening is that you have not given the user permission to the library where the template is that they need access to in order to create the page. I'm 99% sure that is what is happening here. Makes sense - they have the rights to the site - and permissions to edit the pages that exist - but creating a page requires them to access a new file - in a different library. If they don't have permissions to that template library - you get the access denied error.
When your user tries to create a page, they get an access denied error page correct? Copy the URL of that page, and examine it closely. It should reveal the location of the template folder they are trying to access but don't have permissions for. Read-only access to that template library should get your user the access they need.
One other recommendation - check out the access checker web part in Codeplex. http://accesschecker.codeplex.com/. This web part is loaded as a solution and allows you to display a hierarchical list of the sites that a specific user has permissions to. VERY helpful in confirming that you have given the permissions you thought you had.
Finally - in terms of permissions best practices - I think you are doing fine. You've gotten a little frustrated because you took a different path on a site (i.e. publishing) and it's behaving differently. But nothing is wrong. I've been there:) You really have two options w/ SP permissions - SP based groups (visitors, members, owners etc) or pulling in AD groups. Either way, you'll be making the same decision regarding unique or inherited permissions. You either use the same permissions as the parent site - or use unique permissions. HTH