I have some set of documents and want to password protect them with one set of userid/password for each group of users. It's like this:
All users in group 1 can access domain.com/survey1/ with userid1/password1
All users in group 2 can access domain.com/survey2/ with userid2/password2
etc....
Outside of Kentico, I can go to the webhosting control panel and apply password to any folders.
With Kentico (global admin privilege, no backend/server access) I'm not sure if this is possible and if yes, how to do it. Thanks for your input.
Note: I've tried creating a custom login page using the Logon Form webpart; set the destination URL for the Logon Form to a landing page that lists links to the docs; then added the mentioned docs as subpages; added new user (userid1/password1) through Users app and also under Properties/Security. But this didn't work as expected.
Michelle, basically you want a group of user share a single username/password combination, right? Which is basically a "group" of people all use a single "user" account in CMS.
So first you setup user account like user1/pw1, user2/pw2.
Then in you content tree, go to /survey1 > Properties > Security > set it to requirement authentication. Then add user1 to have READ permission. Do the same for other folders.
Then in a different browser session which you are not logged in, try to hit yoursite.com/survey1, it should redirect you to a login page, once you login with user1/pw1, it should route you back to /survey1.
If you have created your own login page like /mylogin.aspx, then go to Settings application > Settings > Security & Membership > Content > Website logon page URL, and add that ~/mylogin.aspx there, so when visitor is prompt for login, it will be that page.
Related
I am working on a project using power pages, one of the client's requirements is that the home page perform the role of login page. So far so good, but it also requests that the only users that can enter the site are only users that belong to your organization, with this I thought of using azure ad. Power pages already comes with a button to be able to login with azure active directory. I need that from my form sending the email and password to carry out the same process as with the button.
My company has just obtained Kentico for some new applications. These applications will be going into production in about 2 weeks, so we are still fairly new with this. What we have are three ASP.NET MVC applications/sites that format and present content that is stored in Kentico. Additionally, we have specific users who will log into the Kentico9/Admin site to manage the content displayed by the MVC apps.
From a corporate standpoint, we also have Siteminder SSO enabled. When a user navigates to our Kentico9/Admin site, they are first authenticated by our corporate Siteminder SSO form using their corporate user id. When they are successfully authenticated, Siteminder redirects the user to the Kentico9/Admin site they originally requested and the user is presented with the standard Kentico login form. If the user has already logged in through Siteminder during another session, they only get presented with the Kentico login form. Otherwise, if this is their first time logging in, the user is required to login twice (once through Siteminder and again through Kentico).
What I want to do is bypass the standard Kentico login form and use the Siteminder information to Authorize the user to log them into the Kentico admin site. Siteminder adds the username and some other information to the HTTP request headers. Using C#, I can retrieve their corporate user id using the following: System.Web.HttpContext.Current.Request.Headers.Get("SM_USERID").
So, in a nutshell, I want to override Kentico's standard login form and write some code that will get the user id from the HTTP request header and authorize the user by looking up their userid in Kentico. If the user id is not found or is not active, present the user with the standard Kentico login form. Otherwise, if the user is a valid and active user, pull their user record and allow them to access Kentico.
I have found some tidbits of information and given enough time, I may be able to figure something out, but I am hoping someone has done something similar and can speed up my process. Any ideas on what I can do? I will also entertain anything that might have tighter integration with Siteminder, although it doesn't seem Kentico can handle Siteminder out of the box, but I am not sure about that.
Sounds like you might be able to create a custom webpart which you will place on a page and simply have Siteminder redirect the user to the page with that webpart on it and look for those header values on page load. If it finds them, perform your actions within Kentico to look that user up and authenticate them in Kentico as needed. If there are no header values or it can't find the Kentico info, simply send them to the regular login page.
You could also create a global event handler but that would require someone to click a button or such on your site after they have entered credentials.
I have 4 different organization and some users are associated to it. I have separate site for each organization. my requirement is If I am user of organization A , On login I should be able to redirect to my organization site.
eg: localhost:8080/web/org-A/home
How can I achieve this requirement. As per my knowledge I need to create post login hook by which user will get redirected to its own site.
I would like to know if any configuration in poral-ext.property is available by which user can redirect to his own site automatically after login.
I have one Global sitecolection and 5 subsites.I have created 3 groups in global site and I stop inheriting access in My Subsite1 And created a new Contributor Group and added Once User into that Group.Then i try to Login to The Subsite.I got a error
Error: Access Denied
Current User
You are currently signed in as: asha
Sign in as a different user
I want to create a user with only access Subsite1 (Without Global site access-After login it should redirect to home page of subsite).How can i achive this.
Thanks in advance
A user can login and see a site or list page, he should have View Pages, View Application Pages, Open atomic permission at least, so you can check permission of the login user on Subste1, verify whether he has enough permission to access pages.
All,
I'm configuring Sharepoint to use forms authentication with LDAP/Active Directory. I'm new to Sharepoint, so if this is obvious, please point me in the right direction.
Whenever I attempt to log in with a bad account or password, I get the very friendly (and correct) error message,
The server could not sign you in. Make
sure your user name and password are
correct, and then try again.
... which implies that Sharepoint is able to communicate with AD. If I log in with a valid account, I get a page that says:
alt text http://img63.imageshack.us/img63/6053/sharepointerror.png
(I added the grey bar to cover up the login name)
Any suggestions? The account I'm logging in with is an administrator and has been granted full control in central administration.
Also, interesting note: If I click the "sign in as a different user" link, and attempt to sign in using with the same credentials I just used, the site just redirects back to the login page, with no error or status message. If I then manually enter the site url, it again shows the "Error: Access Denied" page. Argh.
Go to site action of the actual site and add user in the format of
:loginid
It should resolve and show it underlined then try login in back to application that should fix it.
Your AD connection is working fine just need to add to sharepoint users list
yourprovider:userid
Yourprovider name is the name you gave to the user provider in web config
And you can add this user from parent site that is windows protected and you have all
I suppose it's sharepoint site security issue.
I'm getting the same error when trying to enter Site Settings page with a user that has a lack of permissions.
If you have at least one user that can access the Site Settings page, I suggest you to go to Site Actions/Site Settings/Users and Permissions/People and grops then click New button and add a user from AD to an appropriate group, eg. Team Site Members.
You have made connection with Ad and its working fine. So that you got error, when you try to login with invalid user id.
But you have missed one step in above scenario.
You need to give the permission for all AD users in your SharePoint site. The better way is to create a user group in AD (it may already there) which included all the users and add this user group in your SharePoint site with read permission.