Force user login
Force user login
Is there a way to force user logins? Our use of AbleCommerce would be for an internal ordering system, we only want certain people to be able to login to order from the site. No one would be able to see the products at all until they logged in.
Re: Force user login
Interesting concept. I"m not sure how feasible it would be for such a configuration. AC7 is designed for anonymous access first.
The simplest way would be to turn off anonymous access to the web site itself in IIS. IIS will force a credentials prompt and authenticate against the local server OS security database before site access would be allowed.
The amount of overall effort depends on what anonymous people should be able to see.
The simplest way would be to turn off anonymous access to the web site itself in IIS. IIS will force a credentials prompt and authenticate against the local server OS security database before site access would be allowed.
The amount of overall effort depends on what anonymous people should be able to see.
Joe Payne
AbleCommerce Custom Programming and Modules http://www.AbleMods.com/
AbleCommerce Hosting http://www.AbleModsHosting.com/
Precise Fishing and Hunting Time Tables http://www.Solunar.com
AbleCommerce Custom Programming and Modules http://www.AbleMods.com/
AbleCommerce Hosting http://www.AbleModsHosting.com/
Precise Fishing and Hunting Time Tables http://www.Solunar.com
Re: Force user login
I figured out a way to do what I wanted. This may not work if you use the 'Site Disclaimer Message' since it will redirect it to the login page or it will try to modify the response headers after they have already been written by the disclaimer message page. I may work on a fix for that but I don't use that so I'm not concerned with it at this point. In order for this to work across the board you have to edit the 'Scriptlet.master' file in the 'Layouts' directory. This may cause issues when upgrading, I believe this file may potentially be overwritten by an upgrade. If anyone has any suggestions on a way to keep this modification but avoid upgrade conflict issues please let me know.
I just put this after all the <%@ Register %> tags. I welcome any and all feedback, good or bad.
Code: Select all
<script runat="server">
protected void Page_Load(object sender, EventArgs e)
{
// Redirect visitor to login page if they have not logged in yet. Anonymouse access
// is not allowed at this site.
if (Request.Url.LocalPath.ToLower() != "/login.aspx" &&
Token.Instance.User.IsAnonymous)
{
Response.Redirect("~/Login.aspx");
}
}
</script>
-
jmestep
- AbleCommerce Angel
- Posts: 8164
- Joined: Sun Feb 29, 2004 8:04 pm
- Location: Dayton, OH
- Contact:
Re: Force user login
I had to make one change to this because a customer wasn't able to access the reset password page when they had forgotten the password and requested it in an email.
Code: Select all
<script runat="server">
protected void Page_Load(object sender, EventArgs e)
{
// Redirect visitor to login page if they have not logged in yet. Anonymous access
// is not allowed at this site.
if (Request.Url.LocalPath.ToLower() != "/login.aspx" && Request.Url.LocalPath.ToLower() != "/passwordhelp.aspx" &&
Token.Instance.User.IsAnonymous)
{
Response.Redirect("~/Login.aspx");
}
}
</script>
Judy Estep
Web Developer
jestep@web2market.com
http://www.web2market.com
708-653-3100 x209
New search report plugin for business intelligence:
http://www.web2market.com/Search-Report ... -P154.aspx
Web Developer
jestep@web2market.com
http://www.web2market.com
708-653-3100 x209
New search report plugin for business intelligence:
http://www.web2market.com/Search-Report ... -P154.aspx