• ►ASP.NET
• ►Commerce
• ► Community
  • ►AddThis
  • ►Blog
  • ►Disqus Comments
  • ►Event Calendar
  • ► Extranet
    • ►User Guide
    • ►Developer Guide
  • ►Facebook Comments
  • ►Facebook Like Box
  • ►Facebook Like Button
  • ►Facebook Pages
  • ►Google PlusOne
  • ►Nabble Forum
  • ►Newsletter
  • ►OpenID
  • ►Page Comments
  • ►Quick Poll
  • ►Raty
  • ►Simple Wiki
  • ►Tell a Friend
  • ►Twitter Feed Aggregator
  • ►UserEcho Feedback Widget
  • ►WIF
• ►Contribution
• ►Feeds
• ►Forms
• ►Lists
• ►Localization
• ►Media
• ►Navigation
• ►News
• ►Search
• ►Tools
• ►Updates
• ►Web
• ►Packages FAQ

Protect web pages and media files via extranet

This package allows you to protect web pages and media files by requiring that users log in to the website before viewing its content. The user-friendly administrative tools for managing users, groups and security are directly integrated into the C1 console. A number of rendering functions are available for handling the login, logout, login status, lost password requests and self-registration features. All the functions are XSLT-based and easy to redesign.

Besides, you can have multiple extranets with different user databases running on the same C1 installation. Please examine the Composite.Community.Extranet.Plugins.ExtranetProviderConfiguration element in ~/App_Data/Composite/Composite.config.

Web developers can extend Composite.Community.Extranet by integrating it with 3rd-party user and group data.

Price Information

This is a commercial package and not available for free. For information about the price, please see Modules.

How to implement Composite.Community.Extranet

To set up its basic functionality (user database, extranet, login pages and security), follow these steps:

1. Install the Composite.Community.Extranet package on your website (System, Packages, Available packages). Your web browser will restart to make the Extranet area available in the Navigation pane. If not, manually restart it.
2. Configure the email host to use the email features of the package (please see "Email Host Setup").
3. Add a new extranet user. In the Extranet area, expand Extranet, select Users and click Add User on the toolbar. Fill out the fields on the Add Extranet User form and click OK.
4. Add a new extranet group. In the Extranet area, expand Extranet, select Groups and click Add Group on the toolbar. Fill out the fields on the Add Extranet Group form and click OK.
5. Assign users to the group. Expand Groups, select the group and click Edit Group. On the General tab in the Group Members group box, click Edit Selections. In the Users in Group form, select users and click OK. Save changes to the group.
6. In the Content area, under your website's homepage, add a new page, name it "Login" and insert the Composite.Extranet.Login function into the page:
   

    
   <f:function name="Composite.Community.Extranet.LoginForm" xmlns:f="http://www.composite.net/ns/function/1.0" />

7. Insert the Composite.Community.Extranet.LoginStatus function into your templates. This will indicate the user's login status and allow the user to log off directly from the page he or she is currently viewing.
   

    
   <f:function name="Composite.Community.Extranet.LoginStatus" xmlns:f="http://www.composite.net/ns/function/1.0" />

8. Activate the extranet on your website. Right-click your website's homepage and in the context menu, click Add extranet security. Then in the Add Extranet to Page form, select the Extranet provider and the Login page you have created in Step 5.

Protecting pages

To protect a page (and all its subpages):

1. Right-click the page and in the context menu, click Edit extranet security.
2. In the working area, click Edit Selections and in the the New Groups form, select groups to be granted access to this page.
3. Click OK and save the changes.

Securing the entire website

You can secure all the pages on your website (except for the Login page, which is always public) by setting restrictions on the homepage itself. If you want to allow all authenticated (excluding non-authenticated) users access to the homepage, follow these steps:

1. In the Extranet area, right-click Groups and click Edit Group on the toolbar.
2. In the working area, on the Advanced tab, check the Can be assigned access rights option and save the changes.
3. In the Content area, right-click your website's homepage and in the context menu, click Edit extranet security.
4. In the working area, click Edit Selections and in the New Groups form, select Groups. All subgroups will thus be allowed access to the website.
5. Click OK and save the changes.

This will require that users should log in to the website and be a member of at least one group. Non-authenticated users will be redirected to the Login page.

Protecting media files

Once you have created the Login page and set up the extranet on your website, you can also secure your media files. To protect files in the media library, follow these steps:

1. In the Media area, locate the folder you wish to protect, or create a new folder naming it "Protected".
2. Right-click the folder, and in the context menu, click Add extranet protection. In the Add Extranet Protection on Media form, select your Associated extranet and click OK.
3. In the working area, click Edit Selections and in the New Groups form, select the groups to be allowed downloading from this folder.
4. Click OK and save the changes.

Setting up optional features

You can also set up the optional Change Password feature as follows:

1. Create a new page and name it "Change Password".
2. Insert Composite.Community.Extranet.ChangePasswordForm function into the page:

 
<f:function name="Composite.Community.Extranet.ChangePasswordForm" xmlns:f="http://www.composite.net/ns/function/1.0" />

Besides, you can allow users to register themselves as new users on your website as follows:

1. Create a new page and name it "Register".
2. Insert the Composite.Community.Extranet.SignupForm function. The function has the following parameters:

• Auto assigned groups: It specifies the groups automatically assigned to the user after the registration
• Auto approve user: The user will either be able to log in immediately after the registration or require the administrator's approval.
• User folder name: It specifies the user folder to add new users to.

To use the Send Password feature:

1. Create a new page and name it "Send Password".
2. Insert the Composite.Community.Extranet.SendPasswordForm function into the page:

 
<f:function name="Composite.Community.Extranet.SendPasswordForm" xmlns:f="http://www.composite.net/ns/function/1.0" />

Showing group specific content

You can choose to only show some content to visitors who belong to one or more extranet groups and hide it from others:

1. Edit a page in the Content perspective or a template in the Layout perspective.
2. Insert the Composite.Community.Extranet.GroupSpecificContent function ( Insert > Function), or add the following code:
   

    
   <f:function name="Composite.Community.Extranet.GroupSpecificContent" xmlns:f="http://www.composite.net/ns/function/1.0"> 
     <f:param name="Content" value="&lt;html xmlns=&quot;http://www.w3.org/1999/xhtml&quot;&gt;&#xD; &lt;head&gt;&lt;/head&gt;&#xD; &lt;body&gt;&#xD; &lt;p&gt;The group specific content goes here...&lt;/p&gt;&#xD; &lt;/body&gt;&#xD; &lt;/html&gt;" /> 
     <f:param name="GroupList" value="9d68f22f-fc7a-41ff-8092-7aae911f721d,c7b6d4c1-48c7-44e4-bafd-7fa495579187" /> 
   </f:function>

3. Set up its two required parameters:

• Content: The content you want the members of specific groups to see when opening the page. (In the example above, you should replace "The group specific content goes here..." with your own text.)
• Group with access (GroupList): One or more extranet groups the members of which will see the above content on the page. If users are not members of these groups, they will not see this content. (In the example above, you should replace the GUIDs of two extranet groups with those of your choice.)

Important Notes

1. The e-mail functionality of Composite.Community.Extranet uses an SMTP Server on the local host (server) by default. You can change this behavior by editing ~/web.config and include the /configuration/system.net/mailSettings section. Read more about configuring the e-mail host in web.config.

Customization

You can customize the layout by editing:

• the style sheet (/Frontend/Composite/Community/Extranet/Styles.css)
• the respecive XSLT function in the Functions perspective: XSLT Functions > Composite > Community > Extranet

Localization

The strings used in the Extranet XSLT-based functions are stored in this file: ~/Composite/InstalledPackages/Localization/Composite.Community.Extranet.en-us.xml.

See also

• ►Composite.Community.Extranet User Guide
  
• ►Composite.Community.Extranet Developer Guide
  

Requirements

Composite C1 1.2 SP2 Patch 1 or later