Adding a secured section for partners

Kentico provides a way to create secured site sections that can only be viewed by users who have a valid user name and password. This page describes how to create a logon web page for the purposes of user authentication and registration, as well as a secured page accessible only by logged in users.

Adding the secured partners page

Start by adding a new secured page that requires authentication:

1. Open the Pages application and select the root of the content tree (My website).
2. Click New ().
3. Choose the Page (menu item) page type.
4. Type Partners as the Page name and choose the Use existing page template option. Select the Templates with editable regions category and the Simple text page template.
5. Click Save to create the page.
6. On the Page tab, type the following text into the editable region: This is a secured page for partners.
7. Click Save.
8. Open the Properties -> Security tab of the Partners page.
9. Select Yes for the Requires authentication property in the Access section
10. Click Save.

This ensures that only authenticated (logged in) users can access the page.

Creating the logon page

Now build a page where users can sign in to the website and anonymous visitors can register as new users. Use a predefined page template, which you can further customize as needed.

1. In the Pages application, select the root of the content tree (My website).
2. Click New ().
3. Choose the Page (menu item) page type.
4. Type Logon as the Page name and choose the Use existing page template option. Select the Membership and security category and the Log-on page with registration form page template.
5. Click Save to create the page.
6. Drag the Logon page to the end of the content tree.
7. Open the Properties -> Navigation tab.
8. Clear the Show in navigation and Show in sitemap check boxes.
9. Click Save.

Because of the page’s navigation settings, the Logon page does not show up in the website’s menu. You can use this configuration for pages that have a special purpose on the website, but are not part of the regular content.

Setting the website’s logon page

When an anonymous visitor attempts to access a secured page that requires authentication (such as the Partners page on your sample website), the system redirects them to a logon page. By default, websites use the system page that appears when signing into the Kentico administration interface. However, you can configure each website to use its own custom logon page.

1. Open the Settings application.
2. Select the Security & Membership category in the settings tree.
3. Select My website in the Site drop-down menu.
4. Clear the Inherit from global settings check box next to the Website logon page URL setting and type in ~/Logon.aspx. This is the relative URL of the logon page that you added to the website.
5. Click Save.

The website’s logon page is now ready.

Adding a sign out button to the website

The website now allows users to log in, so you should also provide a way to log out. You can do this by adding the appropriate web parts to the website’s master page.

1. Open the Pages application.
2. Select the root of the content tree (My website).
3. Switch to the Design tab.
4. Add the following web parts to the zoneMain web part zone and set their properties:
   

• Current user

  • Content before: <div style=“float:right”>

• Sign out button

  • Content after: </div>

  The <div> tag encloses the Current user and Sign out button web parts and floats them to the right side of the page.