Hi,
I installed the Community Server yesterday on my local machine and was wondering if it is possible to make the whole thing private. So that if you want to access any part of the CS you will be redirected to the login page if you are not logged in yet. Is that just a setup issue or is that something where I would need the single-sign-on addon for?
You could do this:
Modify this section of SiteUrls.config as follows:
<link name="home" resourceUrl="home" resourceName="home" roles="Registered Users" /> <link name="blog" resourceUrl="webloghome" resourceName="weblogs" roles="Registered Users" applicationType = "Weblog" /> <link name="forums" resourceUrl="forumshome" resourceName="forums" roles="Registered Users" applicationType = "Forum" /> <link name="gallery" resourceUrl="galleryhome" resourceName="photos" roles="Registered Users" applicationType = "Gallery" /> <link name="files" resourceUrl="fileshome" resourceName="files" roles="Registered Users" applicationType = "FileGallery" />
Then add the following to Web.config in the sites root where you see the other location tags:
If you'd like to see an example, we are working with a group to customize CS as an inter-organizational extranet. Initially, it will be members-only. After official members become comfortable with working online, they will consider opening it up to anonymous, public users and to other member groups. See www.mchic.ca
Jul 16/8 Note: Project ended; site no longer available.
Ryan Olshan: You could do this: Modify this section of SiteUrls.config as follows: <link name="home" resourceUrl="home" resourceName="home" roles="Registered Users" /> <link name="blog" resourceUrl="webloghome" resourceName="weblogs" roles="Registered Users" applicationType = "Weblog" /> <link name="forums" resourceUrl="forumshome" resourceName="forums" roles="Registered Users" applicationType = "Forum" /> <link name="gallery" resourceUrl="galleryhome" resourceName="photos" roles="Registered Users" applicationType = "Gallery" /> <link name="files" resourceUrl="fileshome" resourceName="files" roles="Registered Users" applicationType = "FileGallery" /> Then add the following to Web.config in the sites root where you see the other location tags: <location path=""> <system.web> <authorization> <allow roles="Registered Users" /> <deny users="?" /> </authorization> </system.web> </location>
<location path=""> <system.web> <authorization> <allow roles="Registered Users" /> <deny users="?" /> </authorization> </system.web> </location>
When I try this, it works, but some pages give an error. For ex. when i click on the link, I forgot my password i get the following error:
Description: The requested page cannot be accessed because the related configuration data for the page is invalid.
Error Code: 0x800700b7
Notification: BeginRequest
Module: IIS Web Core
Requested URL: http://cs2007:80/user/EmailForgottenPassword.aspx
Physical Path: D:\Visual Studio 2005\Projects\Insites Community Server\Web\user\EmailForgottenPassword.aspx
Logon User: Not yet determined
Logon Method: Not yet determined
Handler: Not yet determined
Config Error: Config section 'system.web/authorization' already defined. Sections must only appear once per config file. See the help topic <location> for exceptions
Config File: \\?\D:\Visual Studio 2005\Projects\Insites Community Server\Web\user\web.config
84: <system.web> 85: <authorization> 86: <allow roles="Registered Users" />
More Information...
Server Version Information: Internet Information Services 7.0.
I have this for other pages aswell (ex. Memberlist page)
Also, when I am not logged in, and on the homepage. When I change the url by adding /blogs or /forums. I can read the content although I am not logged in!
Is there a way around this?
Kind Regards,
Sven Moreels
Put this in your site master file:
<CSControl:ConditionalAction runat="server"> <Conditions Operator="And" runat="server"> <CSControl:Conditions Operator="Not" runat="server"> <CSControl:UserInRoleCondition UseAccessingUser="true" Role="Registered Users" runat="server" /> </CSControl:Conditions> <CSControl:Conditions Operator="Not" runat="server"> <CSControl:CurrentSiteUrlCondition SiteUrlName="common.login" runat="server" /> </CSControl:Conditions> </Conditions> <Actions> <CSControl:GoToSiteUrlAction ID="GoToSiteUrlAction1" UrlName="login" runat="server" /> </Actions> </CSControl:ConditionalAction>
the only issue with this is that the password reset page and the join page will not come up now... i put this is my master.master under the theme i am using == was this the wrong file?
I'll suggest the folowing modifications
<CSControl:ConditionalAction runat="server"> <Conditions Operator="And" runat="server"> <CSControl:Conditions Operator="Not" runat="server"> <CSControl:UserPropertyValueComparison runat="server" ComparisonProperty="IsAnonymous" Operator="IsSetOrTrue" UseAccessingUser="true" /> </CSControl:Conditions> <CSControl:Conditions Operator="Or" runat="server"> <CSControl:CurrentSiteUrlCondition SiteUrlName="common.login" runat="server" /> <CSControl:CurrentSiteUrlCondition SiteUrlName="user.user_Register" runat="server" /> <CSControl:CurrentSiteUrlCondition SiteUrlName="user_ForgotPassword" runat="server" /> <CSControl:CurrentSiteUrlCondition SiteUrlName="user_AcceptInvitation" runat="server" /> </CSControl:Conditions> </Conditions> <Actions> <CSControl:GoToSiteUrlAction UrlName="login" runat="server" /> </Actions> </CSControl:ConditionalAction>
Community Server Documentation
Nintendo Wiikly
almost perfect! can I also block the homepage for anonymous?
The above code will block every page appart from: Login, Join, Accept Invitation and Forgot Password pages. And should block the homepage as well.
homepage is still being shown to non registered (i.e. everyone) users -- any other suggestions
I am extrememly grateful also for the help provided thus far.
to see you can go to http://www.cullens.com
Try this....Leave the location part out
<system.web> <authorization> <deny users="?" /> </authorization> </system.web>
peace shakes
Carolina Pulse
like all mistakes -- it was my fault!!!
I had the following:
<location path="user/EditProfile.aspx">
<system.web>
<authorization>
<allow roles="Registered Users" />
<deny users="?" />
</authorization>
</system.web>
</location>
I changed to :
<location path="">
and now it is working as expected! thanks for the help!
Note, this will block anonymous users from using the acceptinvitation, join, and forgot password pages. You'll want to add exceptions for those pages into your web.config
<location path="user/EditProfile.aspx"> <system.web> <authorization> <deny users="?" /> </authorization> </system.web> </location>
<location path="user/EmailForgottenPassword.aspx"> <system.web> <authorization> <allow users="?" /> </authorization> </system.web> </location>
<location path="user/CreateUser.aspx"> <system.web> <authorization> <allow users="?" /> </authorization> </system.web> </location>
solves the problem -- thanks again all!!!
When I do this I get the right functionality as in it defaults to login.aspx and now the links on the login forum work but for some reason it wont render the theme styles, it is all in completely plain html. If I comment out <location path=""> <system.web> <authorization> <allow roles="Registered Users" /> <deny users="?" /> </authorization> </system.web> </location>
Then everything looks fine and it renders the theme style but it defaults to home.aspx with the user dashboard instead of login.aspx. Does anyone know why this could be happening? And of course, I have the code in the master.master...does it have to be in a specific spot? Thanks for the help!!
Copyright© 2008 Telligent Systems Inc. All rights reserved CommunityServer.com • Telligent.com