Securing your site for specific user groups

Certain sites are designed to be used by a specific community or groups of users. SiteFarm can assist you in configuring your site for these restriction levels.

Entire site - Default Setting

Access: anyone with access to the internet can see the content
Configuration steps: no configuration steps necessary

Entire site with some pages restricted to UC Davis community

Access: a selection of page content can be restricted to the UC Davis community while the remainder is available to anyone with access to the internet
Configuration steps:

  1. Navigate to Manage > Configuration > People section > CAS.
  2. From the list of labels in the CAS settings page, click on Forced Login.
  3. In the Pages field, specify pages by using their paths. Enter one path per line. The '*' character is a wildcard. An example path is /user/* for every user page. <front> is the front page. When someone tries to navigate to any of the pages or sections in this list, they will be prompted to log in using their CAS ID and password.
  4. Click Save configuration to finish.

Entire Site - UC Davis community only

Access: only individuals with an authorized account, Kerberos ID, and password can see the content
Configuration steps:

  1. Navigate to Manage > Configuration > People section > CAS.
  2. From the list of labels in the CAS settings page, click on Forced Login.
  3. Check the Enable checkbox to force all users to log in through CAS.
  4. Click Save configuration to finish.

Turn the site into an intranet

Access: restricted to specific accounts a site manager or member of the SiteFarm team create, allowing people to sign in and view the content. Authenticated users do not have editing rights to any of the content. 
Configuration steps

  1. Follow the steps outlined in Adding users to your site, except in step 3, for Roles, do NOT assign a role unless you intend for them to actually assist in maintaining the content in your website. Allow them only the defaulted “Authenticated user” role, which is already enabled on creation. Follow the rest of the instructions on the page per usual.
  2. Site Managers can create a logout menu item--in a menu, a sidebar, a focal link, in the footer--wherever it makes sense for your site.
    • To log out of the site, but not all of CAS, make the link go to /user/logout.
    • To log out of everything, including CAS, use /caslogout instead.

Additional note about files

Please note that CAS only protects your page content; any files you may have linked to your content (PDFs, Word docs, spreadsheets, etc.) are NOT protected. It is strongly recommended that you consider using Box.com for your document management needs, for a variety of reasons, but in this case, because it will keep your content secure.