Loading...

All project content is available for reading, but you need to be a member of the project for Subversion checkout of source code, or to create/modify any information.
Login if you are a member. Apply here to request membership (open to all).

Ticket #223 (closed defect: fixed)

Opened 7 years ago

Last modified 7 years ago

The module is not under EPiServer authorization

Reported by: grenersen@… Owned by: sveinung@…
Priority: major Component: ManageLanguages
Keywords: Cc:

Description

The plug-in should have some access rights associated with it.

This feedback came from a chat via labs.episerver.com (anonymous).

Change History

comment:1 Changed 7 years ago by sveinung@…

  • Status changed from new to closed
  • Resolution set to fixed

Fixed [1743]

comment:2 Changed 7 years ago by steve@…

  • Status changed from closed to reopened
  • Resolution fixed deleted

Please document how the module can be secured without deploying new code, but using web.config location tag.

comment:3 Changed 7 years ago by sveinung@…

  • Status changed from reopened to closed
  • Resolution set to fixed

If you don´t want to deploy new code, you can add a location tag in web.config.
If the user that are trying to access the the module is not a part of the WebAdmins/Administrators groups, it will be redirected to the login page.

<configuration>
<location path="EPiCode/ManageLanguages">
    <system.web>
            <authorization>
                <allow roles="WebAdmins, Administrators"/>
                <deny users="*"/>
            </authorization>
    </system.web>
</location>
Note: See HelpUser/Tickets for help on using tickets.