Sitefinity CMS
Contents
Working with Public Users Send comments on this topic.
See Also
Security > Users > Working with Public Users

Glossary Item Box

Sitefinity employs the concept of public users. It is possible and easily achievable to have two groups of users - Cms users and Public users without the need of adding custom Membership and Role providers. The Cms Access permission determines if a user is able to enter the Sitefinity administration. Users that belong to roles that have Cms Access set to deny are considered public, they are not able to login to the Sitefinity administration. Such users can still be given permissions for some restricted pages.


In order to create secured sections in a web site, roles for public users could be created and given “View” permissions for the specific pages. Another reason to do this is to give permissions to authenticated users for posting in forums.

 

Managing Users from CMS Pages

There are new login controls that provide easy-to-implement functionality for creating new users (CreateUser control), logging in (Login, LoginStatus), and so on. They are accessible in the toolbox when in page edit mode in the CMS part of Sitefinity. (More on what types of controls are available, see Types of Controls in Sitefinity.)

 

Permissions

There are two types of permissions that may be granted to public users: page and forum permissions.

 

Page Permissions 

A secured section is a set of pages that are available for authorized users only. In order to create such a section in a web site,  these pages should have the property "Anonymous access" set to deny.

For more information on page permissions, see Page Permissions

 

Forum Permissions

The Public users term is provided in order to separate the allowed actions for unauthenticated and authenticated users. This may be used when granting permissions for forum thread and post creation. When Public users are granted "Create" permission for the Forums module, they could still create threads and posts even if the "Deny anonymous authors" is set to "Yes". Unlike them, unauthenticated users may not, since, by default, they belong to the group "anonymous authors".

 

Cms Access

If a public user tries to access the CMS administration, he/she is redirected to an “access denied” page. If a user belongs to several roles and one of them has Cms Access set to deny, the access is denied. If the same user belongs to another role which has Cms Access set to allow, the deny permission will be applied, and no access will be granted. However, if one of the roles the user belongs to has unrestricted permissions, this will be applied in spite of the other permissions, and the access will be granted.

See Also