1-888-365-2779
+1-888-365-2779
Try Now
More in this section

Forums / Developing with Sitefinity / Data Management

Data Management

2 posts, 0 answered
  1. Pierre
    Pierre avatar
    12 posts
    Registered:
    03 Jun 2008
    20 Jun 2008
    Link to this post
    Hi,

    We are developing a site that has to have a back-end page where the owners/admins can edit information in the database:

    Example: Take the example of an hotel, the owners/admins want to edit information regarding rooms, activities etc.

    We want to develop a custom user control(s)  to satisfy the management of the information (we already know how to import and use custom user controls in Sitefinity) , (1) what we want to know is if it is possible to specify security for that page through Sitefinity to allow only the owners/admins to access the page while it is live?

    We already tried setting all permissions to a particular page for everyone to Deny all operations including 'View' for another site we developed in Sitefinity, but when viewing it live it still displays.

    (2) Would we have to develop a log-in rather for the owners/admins to navigate to this page while it is live?

    (3) Also how would one set security to the page so normal users that might know the name of this page, can't just type the url in the address bar to open the page?

    Thanks,
    Pierre.



















































































































  2. Rebecca
    Rebecca avatar
    536 posts
    Registered:
    24 Sep 2012
    20 Jun 2008
    Link to this post
    Hello Pierre,

    Yes, you can secure the access to the page through the page permissions set (for the CMS users) as you did, but you also need to deny anonymous access. This will ensure that unauthenticated public users are not able to view the page even if they know the URL to the page. Here is how to do it:
    1. Select the page in the site map.
    2. Go to the Properties tab.
    3. Expand section "More Options".
    4. Select the Deny option for Anonymous Access.

    Doing this will remove the page from navigation for users that don't have permissions to view it. Authenticated users that don't have permissions to view the page will not be able to visit the page using it's URL directly.

    Sincerely yours,
    Rebecca
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center
2 posts, 0 answered