Portal Engine Questions on portal engine and web parts.
Version 4.x > Portal Engine > Authentication & Site Security View modes: 
User avatar
Member
Member
tspring-allegra - 6/9/2010 8:06:29 AM
   
Authentication & Site Security
Hi

I’ve got a small question in setting up multiple secure websites with Kentico 4.1.

For example, if I have two websites (Site1 & Site2) running on the same install containing both secure and none-secure pages. If I create a User (User1) and set them to Site1 with a unique Role for that site (Role1). I can set the secure pages on Site1 so they’re only accessible to Role1 users. Likewise on Site2, I can set the secure pages so they’re only accessible for Role2 type users. Which works fine, and means User1 has no access to the secure pages on Site2 (which are set to Role2 access only). The problem I have is if I try to login to Site2 with the User1 login details (which should have no connection with Site2), it still allows me though the login authentication process. Even though obviously once logged in I can’t continue to view any of the secured pages on Site2.

Is there anyway to straight away deny CMS Users from even being able to login to specific sites? It currently seams all CMS Users can gain login authentication on any site, even though eventually these users once authenticated can be denied access via Roles and the Security options on pages & webparts.

Hope that makes sense.

Thanks,
Tim

User avatar
Kentico Consulting
Kentico Consulting
kentico_borisp - 6/10/2010 2:43:13 AM
   
RE:Authentication & Site Security
Hello,

This problem, assigning users to a specific site or to all sites on one Kentico installation, is soved since the release of the 5.x version of Kentico. For more information please see the following link:

http://www.kentico.com/Docs/DevGuide/index.html?shared_user_accounts.htm

Best regards,
Boris Pocatko