+ Post New Thread
Results 1 to 12 of 12
Home Access Plus+ Thread, HAP access restrictions in Projects:; How do i restrict HAP access to a small test group. I was thinking make a group called HAP and ...
  1. #1

    Join Date
    Jul 2011
    Location
    Iowa
    Posts
    5
    Thank Post
    1
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    HAP access restrictions

    How do i restrict HAP access to a small test group. I was thinking make a group called HAP and join the wanted users to the group and only allow that group access via HAP setup. however i cant find how to do that in HAPs setup page.

  2. #2
    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    3,588
    Thank Post
    39
    Thanked 513 Times in 443 Posts
    Rep Power
    115
    Edit web.config
    HTML Code:
     <location path="default.aspx">
            <system.web>
                <authorization>
                    <allow roles="HAP Users" />
                    <deny users="*" />
                </authorization>
            </system.web>
        </location>

  3. Thanks to nickbro from:

    magic2119 (8th November 2011)

  4. #3

    Join Date
    Jul 2011
    Location
    Iowa
    Posts
    5
    Thank Post
    1
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Thanks Nick. Great program btw!

  5. #4
    Duke5A's Avatar
    Join Date
    Jul 2010
    Posts
    809
    Thank Post
    83
    Thanked 132 Times in 115 Posts
    Blog Entries
    8
    Rep Power
    32
    Quote Originally Posted by nickbro View Post
    Edit web.config
    HTML Code:
     <location path="default.aspx">
            <system.web>
                <authorization>
                    <allow roles="HAP Users" />
                    <deny users="*" />
                </authorization>
            </system.web>
        </location>
    Nick, I added this bit of code to the web.config file and it keeps out users who aren't part of that particular security group, but it still lets them logon in a way. They'll get the logout option, but will be dumped back to login prompt. Does this add to the count of currently logged in users, and is there a way to dump the user back an access denied screen? Thanks again.

    HAP access restrictions-screencap.png
    Last edited by Duke5A; 25th January 2012 at 07:30 PM.

  6. #5
    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    3,588
    Thank Post
    39
    Thanked 513 Times in 443 Posts
    Rep Power
    115
    That code is correct.

    It does not add to the log count, unless they try to log back in.

    Users should get a unauthorised error message instead of being kicked to the logon screen when using the my files browser. (At least in the extended/v8 versions, should also work in the basic)

    My Files v8:

    Alert Message:
    Access to the path '\\chs01.crickhowell.internal\Shared Area\Admin\Headship\' is denied
    My Files Basic:

    Redirected to unauthorised.aspx

    My Files Extended:

    Alter Message:
    Access to the path '\\chs01.crickhowell.internal\Shared Area\Admin\Headship\' is denied

    If a user attempts to access a part of HAP+ that they aren't allowed to e.g. to the booking system for a student, they should get dumped to the login screen

  7. #6
    Duke5A's Avatar
    Join Date
    Jul 2010
    Posts
    809
    Thank Post
    83
    Thanked 132 Times in 115 Posts
    Blog Entries
    8
    Rep Power
    32
    I'm sorry Nick, I should have clarified. I'm trying to deny students the ability to access HAP altogether. The problem I'm having is after adding that snippet of code to the web.config file in the root of the HAP folder, when attempting to log on as a student your kicked back to log on page without an access denied message. Also, that student's name is then shown in the upper right corner of the page with the log out option. This is what led me to believe the student was actually being logged on and counting against the quota.

  8. #7
    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    3,588
    Thank Post
    39
    Thanked 513 Times in 443 Posts
    Rep Power
    115
    ok, i'll add some code to the login page for the next release to detect if the user is already logged in and display a warning message

  9. #8
    reggiep's Avatar
    Join Date
    Apr 2008
    Location
    In the vast area of space and time
    Posts
    1,550
    Thank Post
    518
    Thanked 56 Times in 50 Posts
    Rep Power
    30
    Quote Originally Posted by nickbro View Post
    Edit web.config
    HTML Code:
     <location path="default.aspx">
            <system.web>
                <authorization>
                    <allow roles="HAP Users" />
                    <deny users="*" />
                </authorization>
            </system.web>
        </location>
    Hi Nick, Could you let me know where this is now as the web.config file doesn't have <location path="default.aspx"> in it OR do we add the whole snippit of code into our existing web.config?

    Thanks

  10. #9
    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    3,588
    Thank Post
    39
    Thanked 513 Times in 443 Posts
    Rep Power
    115
    Add it in to the web.config file near the other <location path="" />

  11. Thanks to nickbro from:

    reggiep (12th February 2013)

  12. #10
    reggiep's Avatar
    Join Date
    Apr 2008
    Location
    In the vast area of space and time
    Posts
    1,550
    Thank Post
    518
    Thanked 56 Times in 50 Posts
    Rep Power
    30
    Hmm,
    I half work if I put this in directly below <!--File Upload Limits-->

    <location path="default.aspx">
    <system.web>
    <authorization>
    <allow roles="GRP_HAP_ACCESS" />
    <deny users="*" />
    </authorization>
    </system.web>
    </location>
    But I get a lot of internal errors and the drop down menu at the top stops working!

  13. #11
    nickbro's Avatar
    Join Date
    Jul 2010
    Location
    Gilwern, Wales
    Posts
    3,588
    Thank Post
    39
    Thanked 513 Times in 443 Posts
    Rep Power
    115
    Ok, Remove the above code

    Look for

    HTML Code:
     <authorization>
          <deny users="?" />
        </authorization>
    Change it to
    HTML Code:
     <authorization>
          <allow roles="GRP_HAP_ACCES" />
          <deny users="*" />
        </authorization>
    Should be near the top of the file, inside the main <system.web>

  14. Thanks to nickbro from:

    reggiep (12th February 2013)

  15. #12
    reggiep's Avatar
    Join Date
    Apr 2008
    Location
    In the vast area of space and time
    Posts
    1,550
    Thank Post
    518
    Thanked 56 Times in 50 Posts
    Rep Power
    30
    That worked.

    Thanks Nick

SHARE:
+ Post New Thread

Similar Threads

  1. AB Tutor Control (or similar) Staff Access Restriction
    By Richie1972 in forum Network and Classroom Management
    Replies: 4
    Last Post: 12th July 2008, 01:47 PM
  2. Students Accessing restricted Sites
    By Grommit in forum Network and Classroom Management
    Replies: 4
    Last Post: 8th February 2008, 08:53 AM
  3. Restrict Access to OWA based on TIME
    By ICTNUT in forum How do you do....it?
    Replies: 4
    Last Post: 3rd June 2007, 06:37 PM
  4. restricting logical access
    By strawberry in forum Windows
    Replies: 1
    Last Post: 30th April 2007, 09:30 AM
  5. Restrict Access To USB Devices
    By MuppetQueen in forum Wireless Networks
    Replies: 25
    Last Post: 15th December 2005, 04:53 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •