I have a Sharepoint 2007 site which has a frontpage and then various sub-sites. One of our usergroups only have access to one of these subsites and not the frontpage. However, due to the way they access the site, they will always land on the frontpage, which currently presents them with the default "access denied" page.
Is there some way to redirect these users to their subsite before they get presented with the access denied page?
All solutions are welcome, and solutions that include programming and feature/solution deployment is not an issue. The solutions is only for this single usergroup, so hardcoding (even if it is ugly) the user group and destination URL is an acceptable solution.
EDIT: I heard a custom accessdenied.aspx page as a suggestion, but it seems to be a rather cumbersome alteration for a simple feature.
One dirty solution is to replace AccessDenied.aspx page, in Layouts folder, and add your own logic. You can check the current user and see if he has permission to "Sub site" then redirect him.
This is not a recommended solution as Service Packs to SharePoint can replace AccessDenied.aspx file.
Related
What I want to know is how to redirect the user to the login page, when the website loads. Or if this cant be done, how to change the default page of the website.
when looking for an answer on the internet, i found several solutions mentioning 'nodes' in the content tab. But I have a template installed, and below the content folder, is the
'Business Site' folder which came with my template.
Thanks,
Callum
If you want a whole Umbraco site to require a login set all the pages to restrict their access in the content of the Admin section. In the content section click right on the pages you want to restrict access to and select Public Access.
Child pages will inherit the public access settings from their parents so to restrict access to the whole site select your top home page. When setting the public access restrictions you will be asked for the login and error pages you want to use, so these will need to have been created before hand.
I've just tested this on my Umbraco 6 site, I don't know about other versions.
Start by looking here.
http://www.wiliam.com.au/wiliam-blog/sydney-web-design-umbraco-reserved-properties-and-their-usage
Are you redirecting them to the umbraco backend? Or is the entire site you want protected?
Another good resource is Umbraco TV specifically the role based protection video.
I have a new big project with ASP MVC 4 and I will need to build in the future a lots of tiny web application that contains:
A Banner ( like Google banner in black , for authentication, notifications , search …… etc. )
A body that must access the banner info and knows if the user is authenticated or not.
Let me explain, if we look at :
Google play (subdomain )
Google Map (subdomain )
Google Translate (subdomain )
Google Gmail (subdomain )
Youtube ( different domain )
We will notice that it’s exactly the same banner for all its subdomains and even different domain (youtube ), and they have just the content that changes, and if I’m already authenticated in google play I do not need to authenticate again in Gmail or YouTube .
I want to do the same thing with my websites :
here a link to explain in images: http://www.use.com/ba3e6c12424c7696be7f
My Questions or just need for confirmation:
1- It is possible to host a banner and websites in different domains and still not authenticate again in every websites? I ‘am thinking about YouTube domain and google domain which is possible. How can I get the same experience?
2 -I assume it’s very easy with subdomains without the need of OAuth 2 for authentication just the normal ASP MVC 4 simple membership will do the job, am ‘I right?
3- Assuming I choose ASP MVC 4 simple membership with subdomains , how can I organize my projects so I don’t have duplicated code for my banner in every project if i want the same experience as google banner ?
a) First idea is to build the banner, put it in an assembly and Render It with an HTML helper, is that a good option? )
b) Do I still have the same experience if I host every subdomain in a different server?
c) Can I choose to host the banner in subdomain1 and load It in a website in subdomain 2 with JavaScript? (do I still have the same experience)
4- Assuming I have to give every website in different domains (not subdomains), how can I manage the architecture? I just need some clues.
5- If I’m wrong on everything, can you guide me to have the exact same experience with complete different domains, or different subdomains with an elegant solution ?
Thank you in advance, and sorry for my bad English (third language).
You really have two separate questions here. First, how to include a bit of HTML in multiple projects. There's really a myriad of possibilities here. If all of your sites are in the same solution in Visual Studio, the easiest method is to simply pick one project to hold the partial view for the banner and then link to it in your other projects. You do this by right-clicking somewhere in your project in the Solution Explorer and choosing Add -> Existing Item..., find the file in the other solution, but instead of "Add" to confirm, click the arrow next to it, to expand the dropdown and choose "Add As Link".
Alternately, or if one or more of your sites is not in the same solution or is in another language altogether, then your best bet is probably just to save the snippet of HTML as a flat file, somewhere each site will have access to. Then, you just read in from this file and display it.
Your second question is more complicated: how to share authentication. If all of the sites are on the same domain (subdomains), then you can just simply set the cookie on the domain itself, and all subdomains will receive the cookie and have access to the authentication status. If you have sites on different domains, though, it gets exponentially more complex. You either have to implement something like OAuth, which is awkward if all the sites belong together (i.e. OAuth is only really used to authenticate with third-parties, no one really uses this to share auth between related but different domains.) Or, you basically create a server that provides authentication for the other sites.
It's a kind of complex setup, but you've seen it in action on places like Google-owned properties. When you go to login, it takes you to accounts.google.com, and then you're redirected to the originating site after logging in. Essentially, what's happening is that technically the only place you're "logged in" at is accounts.google.com. If one of the sites in the family needs authentication, it redirects you to accounts.google.com. At which point, if you have a auth cookie already, it's sent and accounts.google.com restores your authenticated session, it then redirects back to the original site, with some token that identifies that you are logged in. Going into all the details and how to actually set this up is far beyond the scope of what can reasonably be done here on StackOverflow, but this is a really good reference and starting point. Part 1 describes the theory. The next installment details how to set it up.
I have a MOSS Publishing Site, say it's http://dev. It's basically a magazine site, with an issue for every month, so it's dev/2011-01, dev/2011-02, and so on.
There are some general pages like About.aspx, ContactUs.aspx which should be available for all issues. I don't want to create these pages in every issue/site. I know we can put the page in TEMPLATE\LAYOUTS folder.
But I don't really like it, because I want the pages to reside in dev/Pages folder, so it's in 1 repository, instead of here and there.
Is there any other way to achieve this? Like a custom handler that will direct request from dev/2011-01/Pages/About.aspx to dev/Pages/About.aspx.
You can always write a HttpHandler which will redirect the request for these pages.
However , the best way would be to
Put these pages in a feature
Deploy the feature using Module Feature with GhostableInLibrary=TRUE
Activate the feature on all magazine sites.
This way, your pages will reside on file system in feature folder, but will be visible on all sites as ghosted files. You can upgrade the feature to upgrade the files.
I'm not sure why you would need a custom handler. Either you are leveraging the navigation, which means these pages exist on every subsite, or you are manually entering the URL. If it is the latter, why not point to the URL on the root site?
When I've done something like this in the past, I create a custom master page and add the URLs to the pages in the root site in either the left nav or footer (or both). You should be able to use a URL in the style of: ~sitecollection/Pages/About.aspx
I have two users who have Full Control permissions to their department sub-site on SharePoint. They also have Full Control to the Pages document library. The Pages doc library has distinct permission from the site itself, but those two users have Full Control on both as mentioned.
When they try to create a New Page it gives them an "Access Denied" error. I can duplicate this problem with my non-admin account as well.
What am I missing to give these users the ability to create new pages on their site?
Assuming that the user has been granted enough rights to create pages at site level in the first place but is still unable to do so even with Full Control, then there is a high possibility that the user DOES NOT have READ access to the Master Pages and page layouts library. Check the library permissions at the root site collection and grant them the specified permission level accordingly.
Hope that helps.
This is a applicable to SP10 and SP13
Thanks
Ismail
It could also be TaxonomyHiddenList.
You must paste it into your browser - you cannot navigate to it and it is at the site collection level..
http://yoursite/yoursitecollection/Lists/TaxonomyHiddenList
List Menu -> List Settings -> Permissions for this list -> Grant Permissions
Maybe it is possibly to do with the Web Feature called "Content Organiser" which is enabled and not used. If it is activated, de-activate it and test again. This feature will affect document libraries, not lists.
I have a site at http://moss/sites/Electronics/Laptop
I have given users contribute permission on laptop site but still when they try to edit the page they are getting access denied, I have checked the permission level and all permissions are fine bt still users are not able to edit page.
I gave them read permissions on Electronics site and now they are able to edit the pages. My question is why we need to give them read permission on the top level site? What we don't want users to go to the top level site at all and want them to have an access on subsite only? Any idea?
Thanks,
Does the user have any access to the child site before you granted access on the parent? If not, this is likely because you're using some reference to list data from the parent in the child. If the user has no access to the parent and the child is trying to access that data, it will fail and the user will get access denied regardless of their permissions on child.
If they had access but just couldn't edit, this could be a completely different problem but it isn't typical out-of-box behavior. I would still be suspicious that something from parent is being used in child to cause this contention.
I've just discovered this in my 2010 installation. User has rights on a library, but Limited Access at the site level. Granting them Contribute at the site level resolved the issue, but this causes a long list of other issues relating to security. That's an end-user\training issue I need to work on.
Just my $.02