Kentico CMS 7.0 Developer's Guide

Secured vs. Non-secured libraries

Secured vs. Non-secured libraries

Previous topic Next topic Mail us feedback on this topic!  

Secured vs. Non-secured libraries

Previous topic Next topic JavaScript is required for the print function Mail us feedback on this topic!  

Media libraries on your site can be secured or non-secured. To ensure the required functionality, several settings need to be done as described below.

 

 

 

Please note

 

By default, files in media libraries are NOT secured and can be accessed directly by anybody who knows the exact link to the file. If you want to prevent this behavior, please set up your media library as a secured one.

 

 

Secured libraries

 

Secured media libraries allow viewing of their content only to members of authorized roles or only to authenticated users, based on the settings made on the library's Security tab. Secured libraries are also slower than the non-secured ones as permission checking involves some processing overhead.

 

To set up a media library to behave as a secured library, you have to take the following steps:

 

1. IIS setup

 

You have to set up your IIS so that files can't be downloaded directly from the library by typing the link to the file like <site url>/media/file.jpg into the browser.

 

a) Go to Start -> Control Panel -> Administrative Tools and start the Internet Information Services (IIS) Manager.

 

devguide_clip0063

 

b) Locate and select the media library folder in the IIS tree, then click on the Authentication icon.

 

devguide_clip0064

 

c) Disable the Anonymous Authentication by clicking the Disable link in the Actions list. If enabled, disable also the Windows Authentication.

 

devguide_clip0065

 

2. Media library security settings

 

You have to assign the See library content permission to the appropriate roles or all authenticated users on the media library's Security tab.

 

devguide_clip0039

 

You also have to make sure that the Check files permissions option is enabled in Site Manager -> Settings ->  Content -> Media. With this option disabled, permission checks would not be performed.

 

3. Media gallery web part settings

 

a) You need to enable the Use secure links web part property.

 

b) When writing your transformations for the Media gallery web part, you should stick to the following rules:

 

File previews and file details should be displayed using the following control:

 

<cc1:MediaFilePreview ID="filePreview" runat="server" maxsidesize="117" />

 

Download links should be obtained using the following method:

 

<%# MediaLibraryFunctions.GetMediaFileUrl(Eval("FileLibraryID") ,Eval("FilePath"), Eval("FileGUID"), Eval("FileName"), GetDataControlValue<bool>("UseSecureLinks")) %>

 

You can see an example of a real-world use of this web part, including the defined transformations, on the Community Site sample website, in the Media section.

 

Non-secured libraries

 

Content of non-secured media libraries is accessible to all site users or visitors. These libraries are also faster than the secured ones, as no permissions need to be checked.

 

1. IIS setup

 

You have to set up your IIS so that files in the library can be accessed directly by anonymous users.

 

a) Go to Start -> Control Panel -> Administrative Tools and start the Internet Information Services (IIS) Manager.

 

devguide_clip0063

 

b) Locate and select the media library folder in the IIS tree, then click on the Authentication icon.

 

devguide_clip0064

 

c) Enable the Anonymous Authentication by clicking the Enable link in the Actions list.

 

devguide_clip0066

 

2. Media library security settings

 

You have to assign the See library content permission to All users on the media library's Security tab.

 

devguide_clip0038

 

Alternatively, if all media libraries on the site are non-secured, you can disable the Check files permissions option in Site Manager -> Settings -> Content -> Media. This disables all permission checks for all media libraries on the site, which enables all users to see the libraries' content.

 

devguide_clip0037

 

3. Media gallery web part settings

 

a) The Use secured links web part property should be disabled for the file requesting to be faster.

 

b) When writing your transformations for the Media gallery web part, you should stick to the following rules:

 

Image previews and image details should be obtained using the following method because they need to be resized:

 

<cc1:MediaFilePreview ID="filePreview" runat="server" maxsidesize="117" />

 

Other file types previews and details can be obtained using direct links. Download links can be obtained directly too.