I have one Global sitecolection and 5 subsites.I have created 3 groups in global site and I stop inheriting access in My Subsite1 And created a new Contributor Group and added Once User into that Group.Then i try to Login to The Subsite.I got a error
Error: Access Denied
Current User
You are currently signed in as: asha
Sign in as a different user
I want to create a user with only access Subsite1 (Without Global site access-After login it should redirect to home page of subsite).How can i achive this.
Thanks in advance
A user can login and see a site or list page, he should have View Pages, View Application Pages, Open atomic permission at least, so you can check permission of the login user on Subste1, verify whether he has enough permission to access pages.
Related
I am building a site on Liferay 7. By default, all the authenticated users inherit the Guest permissions (anonymous users).
There is even a label in the permissions section:
"Under the current configuration, all users automatically inherit permissions from the Guest role."
Why do I need this?
I would like to display X content only for anonymous users and when the user logs in, then I would like to display different content.
This is how my content permissions for anonymous users are configured:
Although I agree with people that say this is not the best path, yes you can do it - just to address the question at hands.
Set this to true if resources should assume that all users have the Guest role. Set this to false if resources will not assume that all users have the Guest role and, thus, do not automatically inherit permissions that belong to the Guest role.
Setting this property to false may require users to grant permissions to roles like Site Member and User.
Defaults:
permissions.check.guest.enabled=true
Why do I need this?
Permissions are not the catch-all for showing different content. If a guest is not allowed to see something, but needs to log in - that's fine. It's authenticated content, and you'll need to sign in.
If an authenticated user has no permission to see certain content, but just needs to log out in order to see it: What kind of permission is that? Let me answer that for you: It's not permission. It's rather targeted content and while it might be mimicked with permissions, this mimicry is nothing more than mimicry.
One way to implement such a requirement is through structured Web Content (you sound as if you want to show different Web Content articles). The template has access to the full API and can check if the current user is signed in or not - and show different content based on this fact.
If you want to achieve role permission using code level as like in xxxlocalserviceImpl class.You can use below code for allow permission for the guest user.
In case of document and media allow permission to guest and registerUser in Liferay 7 using rest webservice you can use this code for allow permission to upload and download the document using this code.
ResourcePermissionLocalServiceUtil.setResourcePermissions(companyId,
DLFileEntry.class.getName(), ResourceConstants.SCOPE_INDIVIDUAL,
String.valueOf(dlFileEntry.getFileEntryId()), guestRole.getRoleId(),
new String[] { ActionKeys.VIEW });
To answer your question - you can not configure that per specific asset! By default an authenticated user can not have less permissions than an unauthenticated one. You can change that behavior for all assets using permissions.check.guest.enabled=false as #Victor correctly pointed out!
I have some set of documents and want to password protect them with one set of userid/password for each group of users. It's like this:
All users in group 1 can access domain.com/survey1/ with userid1/password1
All users in group 2 can access domain.com/survey2/ with userid2/password2
etc....
Outside of Kentico, I can go to the webhosting control panel and apply password to any folders.
With Kentico (global admin privilege, no backend/server access) I'm not sure if this is possible and if yes, how to do it. Thanks for your input.
Note: I've tried creating a custom login page using the Logon Form webpart; set the destination URL for the Logon Form to a landing page that lists links to the docs; then added the mentioned docs as subpages; added new user (userid1/password1) through Users app and also under Properties/Security. But this didn't work as expected.
Michelle, basically you want a group of user share a single username/password combination, right? Which is basically a "group" of people all use a single "user" account in CMS.
So first you setup user account like user1/pw1, user2/pw2.
Then in you content tree, go to /survey1 > Properties > Security > set it to requirement authentication. Then add user1 to have READ permission. Do the same for other folders.
Then in a different browser session which you are not logged in, try to hit yoursite.com/survey1, it should redirect you to a login page, once you login with user1/pw1, it should route you back to /survey1.
If you have created your own login page like /mylogin.aspx, then go to Settings application > Settings > Security & Membership > Content > Website logon page URL, and add that ~/mylogin.aspx there, so when visitor is prompt for login, it will be that page.
i have developed a site on drupal 6 and now i want to Block direct access to any node url on my site,how can i Block any user to acces the site and redirect on login page from where they can create a new account if he doesnot have user id and passsword,so any one please help me regarding this.Thanks in advance
If you want to not allow any anonymous users to access content on your site, turn off the permission on the Permissions settings under User Management.
You could then set the default front page to /user so everyone who goes to the site would be greeted with the login screen (and be allowed to register a user, if needed).
All,
I'm configuring Sharepoint to use forms authentication with LDAP/Active Directory. I'm new to Sharepoint, so if this is obvious, please point me in the right direction.
Whenever I attempt to log in with a bad account or password, I get the very friendly (and correct) error message,
The server could not sign you in. Make
sure your user name and password are
correct, and then try again.
... which implies that Sharepoint is able to communicate with AD. If I log in with a valid account, I get a page that says:
alt text http://img63.imageshack.us/img63/6053/sharepointerror.png
(I added the grey bar to cover up the login name)
Any suggestions? The account I'm logging in with is an administrator and has been granted full control in central administration.
Also, interesting note: If I click the "sign in as a different user" link, and attempt to sign in using with the same credentials I just used, the site just redirects back to the login page, with no error or status message. If I then manually enter the site url, it again shows the "Error: Access Denied" page. Argh.
Go to site action of the actual site and add user in the format of
:loginid
It should resolve and show it underlined then try login in back to application that should fix it.
Your AD connection is working fine just need to add to sharepoint users list
yourprovider:userid
Yourprovider name is the name you gave to the user provider in web config
And you can add this user from parent site that is windows protected and you have all
I suppose it's sharepoint site security issue.
I'm getting the same error when trying to enter Site Settings page with a user that has a lack of permissions.
If you have at least one user that can access the Site Settings page, I suggest you to go to Site Actions/Site Settings/Users and Permissions/People and grops then click New button and add a user from AD to an appropriate group, eg. Team Site Members.
You have made connection with Ad and its working fine. So that you got error, when you try to login with invalid user id.
But you have missed one step in above scenario.
You need to give the permission for all AD users in your SharePoint site. The better way is to create a user group in AD (it may already there) which included all the users and add this user group in your SharePoint site with read permission.
I have a custom sharepoint page that inherits from a custom dll I created
the page is located inside my shared documents library.
I managed the page's permissions so that there are two groups who can access it: one with a Full control level and the other with Contribute level.
the problem is that any member from the second group (with Contribute security level) tries to access the page, the unauthorized login page appears and the user cannot browse the page.
while any user from the first group (with Full Control) level can access the page normally.
so is there something missing that make custom pages only accessible by Full Control Users ? and is there any thing that can be done in the code to fix this ?
thanks
I doubt that you have written some code in this page that can not be performed with contribute permission level. So please try to access this page after commenting all the code you wrote in this page or create a new page with out any code. If you could access it with contribute permission level please use impersonation in your code.