Portal Engine Questions on portal engine and web parts.
Version 5.x > Portal Engine > Secure Media Library View modes: 
User avatar
Kentico Legend
Kentico Legend
Brenden Kehren - 3/22/2011 8:03:25 AM
   
Secure Media Library
I've setup a media library where only specific roles can view it.

First problem is if someone clicks on the link it takes them to the login page but never redirects them back to that document. Yes we do have a custom login page but I don't believe this is the problem because the ReturnUrl populates for every other page that requires them to login and it works just fine.

Second problem is if I happen to click on the link to a "members only" document, it takes me to the login page (where I don't login) but click back and try to click on the link again it just displays a blank white page. What should happen is it takes them to the login page again.

User avatar
Kentico Developer
Kentico Developer
kentico_ivanat - 3/22/2011 10:09:17 AM
   
RE:Secure Media Library
Hi,

Could you please provide more details about your media library? Where did you set up that only specific roles can view it? In the Tools section of CMSDesk, Properties of media library webpart, setting permissions on particular document or have you created some transformation to achieve this goal?

Based on the above information I will try to reproduce the issue with the default login page.

Which version (hotfix) of kentico cms you are using?

Second problem - could you please tell me what do you mean by "members only" document?

Thank you for information.

Best regards,
Ivana Tomanickova

User avatar
Kentico Legend
Kentico Legend
Brenden Kehren - 3/22/2011 10:26:00 AM
   
RE:Secure Media Library
We are on v5.5.3996 R2. What I did was created a new Media Library and set the security (create file/folder, delete file/folder, etc) to Authorized roles. Then in the Authorized Roles area I checked anyone with CMS * to let them create, delete, update, read, etc. Then I also checked my "Member" role to See library content.

What I mean my members only is anyone with the "Member" role assigned to them is a member and would be the only people to see the document.

User avatar
Kentico Developer
Kentico Developer
kentico_ivanat - 3/29/2011 3:05:44 AM
   
RE:Secure Media Library
Hi,

thank you for details.

if someone clicks on the link


Unfortunately, I am not sure, which link you mean. I set up permissions according to your description, but for unauthorized roles the library is not visible, so I am not sure, which link will redirect you to the login page. Could you please provide some screenshots or describe, where are the links created?

Thank you,
Ivana Tomanickova


User avatar
Kentico Legend
Kentico Legend
Brenden Kehren - 3/29/2011 12:17:20 PM
   
RE:Secure Media Library
The link I am referring to is an html link on a page to a document in that secure media library.

User avatar
Kentico Legend
Kentico Legend
Brenden Kehren - 3/29/2011 12:21:10 PM
   
RE:Secure Media Library
kentico_ivanat wrote:
I set up permissions according to your description, but for unauthorized roles the library is not visible, so I am not sure, which link will redirect you to the login page.


By default shouldn't asp.net redirect to a login page if that particular directory is requiring authentication? If access needs to be checked shouldn't the user be directed to the login page if they are not currently logged in? In order for a user to gain access to a page, module, etc. they need to be authenticated first. Once they have been authenticated, the access rules (roles applied to the user) an be applied.

User avatar
Kentico Developer
Kentico Developer
kentico_ivanat - 4/5/2011 7:14:50 AM
   
RE:Secure Media Library
Hi,

I tried to reproduce the issue. I created a link on a page pointing to the secured media library file.

As a public user I received error message that my permissions are not sufficient, so I get back to the original page (any redirection to the login page).

I tried to click on the link again and I get empty page. This seems to be a bug in the current version and our developer is already working on it. It could be related to your second issue and I am sorry for inconvenience.

The media library itself does not perform redirection to the login page. There are two possibilities:

1. Document, where media library files are displayed is secured in the CMS Desk - Edit - Properties - Security tab, there is an option Requires authentication.

2. Link you have created is pointing to the page, on which is used a control requiring authentication. Then the redirection is managed by Global.asax.cs

Could you please tell me which option is correct and how should I continue to simulate your environment?

Thank you for information.

Best regards,
Ivana Tomanickova

User avatar
Kentico Legend
Kentico Legend
Brenden Kehren - 4/5/2011 12:19:35 PM
   
RE:Secure Media Library
I've set the permissions on other pages/documents and it works fine. The link text is in an editible text webpart. On the particular pages I have this webpart on there is no authentication or access checked, they are open to everyone to view.

If you'd like I do have support and can submit a ticket but would like to make sure you were the one handling the case.

Brenden

User avatar
Kentico Developer
Kentico Developer
kentico_ivanat - 4/6/2011 2:15:03 AM
   
RE:Secure Media Library
Hi,

could you please create a support ticket with reference to this thread and provide me with the access to your site?

Thank you in advance.

Best regards,
Ivana Tomanickova