Sitecore - protect page and child pages except for Sitecore group

0
votes

Using Sitecore 8, build 3, MVC. I have a page (yourDomain.com\MustBeSecure) on a Sitecore 8 site and I do NOT want any users to access this unless they are in a specific security group ("sitecore\IhaveAccess").

I've looked into Content Editor for the item, clicked on the Security profile tab but believe that is for content editing.

Any help is appreciated on this.

///////// Update - Now working ///////// I should have noted we are using Active Directory with auto authentication. Per Martin's post I started looking @ Access viewer

** please note on these screen shots I overlay the actual names of the pages (and group name) to test-page and secure page (and IHaveAccess)**.

Thanks for the assistance!!

Screen shot 1: ad\Everyone Access Viewer

Screen shot 2: sitecore\Everyone

Screen Shot 3: default\Anonymous enter image description here

Screen shot 4: Security / Details from Content Editor for pageSecurity / Details from Content Editor for page

1
sitecoresitecore-mvc
What do you mean saying "unable to click the deny"? Did you try clicking that within Assign Security Rights screen (as on my second screenshot, and not the first one)? That screen is for setting permissions - it shows user/role and the item name as well as exact permission you set (and if that is recursive) . - Martin Miles
Martin, Thanks for the quick response. I ended up being able to get the anonymous setup via the "assign Security rights". Added update #2 with screen shots. This is now working as expected. - DanO

1 Answers

2
votes

Use Access Viewer to achieve that (Sitecore --> Security Tools --> Access Viewer).

Select default\anonymous user (those are everyone who not logged in) then select your page, then click Assign and set Deny permission (you would probably also consider setting that recursively with setting Inherintance also to Deny).

Then pick up your role Sitecore\IHaveAccess and repeat previous step with setting Allow permission

enter image description here

And below is the screenshot of a dialog you get after clicking Assign button, there are actual permissions you set for the user / role, as well as inherritance.

enter image description here

Hope this answers your question.