Login Question

If you have questions about using mojoPortal, you can post them here.

You may want to first review our site administration documentation to see if your question is answered there.

This thread is closed to new posts. You must sign in to post in the forums.
3/19/2010 12:24:50 PM
kevinD
Gravatar
Total Posts 51
View Posts

Login Question

Isn't there a checkbox toggle somewhere in the admin settings, or some value in web.config, to force logins for an entire site?  I was looking around everywhere for it and found nothing.  Am I missing something?

3/19/2010 1:06:44 PM
Joe Davis
Gravatar
Total Posts 2239
View Posts

Re: Login Question

Hi,

Set the following in your web.config or user.config (recommended).

<add key="DefaultPageRoles" value="Authenticated Users;" />

This setting will set the view default role for new pages to Authenticated Users. If you already have pages in the site you are setting this on, you will have to change their roles manually. Use the Add/Edit Pages page in the Administration Menu for this.

HTH,
Joe D.

3/19/2010 1:55:26 PM
kevinD
Gravatar
Total Posts 51
View Posts

Re: Login Question

Yeah, I just went in and updated the AuthenticatedRoles field in mp_Pages to change all users to authenticaed users. 

 

My point is, there's well over 100 pages in our site at this point, way too many to make a global security shift of this nature on a page-by-page basis.  It seems like it would be a fairly straightforward configuration setting to say 'if the user is not logged in, force redirect from any sub-page to secure/login.aspx'  Is there some reason not to have that option?

3/19/2010 4:15:54 PM
Joe Davis
Gravatar
Total Posts 2239
View Posts

Re: Login Question

Hi,

I don't know that there is a specific reason. There may even be an undocumented setting somewhere that I have never come across.

You can always make a request in the Feature Requests forum for this to be added.

Thanks,
Joe D.

3/20/2010 6:38:56 AM
Joe Audette
Gravatar
Total Posts 18439
View Posts

Re: Login Question

Hi,

Page security is determined by page view roles. If you have explicitly created pages with "All Users" then it would be strange to have some other setting that bypasses this and requires authentication, it is far better to change the security settings on the page to reflect your intentions than to have the pages configured to allow unauthenticated users and then some other setting to require authentication.

So if you have created lots of pages and don't want to update them 1 by 1 then:

1. backup your db

2. run this query:

UPDATE mp_Pages
SET AuthorizedRoles = REPLACE(cast(AuthorizedRoles as nvarchar(max)), 'All Users;','Authenticated Users;')
-- WHERE SiteID = yoursiteid if you have multiple sites

3. touch Web.config to make it clear the site map cache and reload with the new role permissions.

Hope it helps,

Joe

3/22/2010 9:27:47 AM
kevinD
Gravatar
Total Posts 51
View Posts

Re: Login Question

Thanks Joe (and thanks Joe D too,) That's pretty much exactly what I did.  I understand your logic, and such a thing would be more or less useless 99.99% of the time, except in cases like the one I was in, where there was a sudden need to modify global minimum authentication requirements.  I wouldn't bother making this a feature request, I just thought I remembered something like this existing, but obviously that's not the case.

 

At any rate, thanks!

You must sign in to post in the forums. This thread is closed to new posts.