Beatrix: How to Use Security Groups for NetID and Auth0 Security logins (instructions for stakeholders) Security can be used on YSM sites to restrict access to an entire site or one particular directory, or structure group, of a site.
There are two security options available to use via TridionBeatrix without any required set-up in the Profile System: CAS and Generic YNHH IDs.
Using CAS, the Yale University login system, access can be limited to all NetID's or only certain NetID's, YNHH IDs, a domain, or any combination of those parameters.
Alternatively, you can use the GenericExternal security option. This allows you to create a custom username and password that users will need login using the individual’s non-Yale email to enter the secured portion of your site .
You can create just one custom username and password or multiple possible entries that will grant access, whatever best suits your needsby creating a login through Auth-0. See Instructions: External User Security (AUTH-0) .
In either case, be sure to follow the Applying Security to A Structure Group instructions after creating the CAS or Generic component.
The following instructions provide information on how to use Tridion to create a Security component and apply it to a structure groupapply security to a site or a section of a website.
Table of Contents
| Table of Contents | ||
|---|---|---|
|
Creating a Security: CAS Component
If you want to use CAS to secure your website, the first step is creating a Security: CAS component.
...
Click New Component (blue) to begin creating a Security: CAS component.
In the Building Blocks folder of your respective website, click New Component (highlighted in blue above) in the Create tab (highlighted in yellow above) of the navigation bar.
You will be taken to a new page for creating the component (shown below):
...
Creating a Security: CAS component.
...
Enter an appropriate Name for your component.
...
Allow the following groups access: This field allows you to select the type of security and enter the information for who gets access.
Choose a Security Type by selecting the radio button next to the option you want.
Based on your selection, enter the corresponding Values for who gets access.
For example, if you choose
NetIDfor Security Type, enter the NetID(s) that are allowed access in the Values field.You can add, delete, or sort Values with the icons to the left of the field (highlighted in red above).
If you will be using multiple Security Types within this single Security component it is crucial to use the furthest left green radio button (highlighted in green above) to make an additional field for your other values.
Once you've finished inserting your Security Types and coordinating Values, click Save and Close in the Home tab (highlighted in blue above).
The component is ready to be inserted onto a page in your Root folder. See the Applying Security to a Structure Group instructions below.
Creating a Security: Generic Component
If you want to use custom usernames and passwords to secure your website, the first step is creating a Security: Generic component.
...
Click New Component (blue) to begin creating a Security: Generic component.
In the Building Blocks folder of your respective website, click New Component (highlighted in blue above) in the Create tab (highlighted in yellow above) of the navigation bar.
You will be taken to a new page for creating the component (shown below):
...
Creating a Security: Generic component.
...
Enter an appropriate Name for your component.
...
Enter a generic username and password: In this section, fill in the Generic Username and Generic Password fields.
These fields can contain any username and password of your choosing.
...
If you would like to allow more than one custom username and password that can access the secured folder, click the green add button (highlighted in green above) to add a second set of fields.
You can add as many username and password pairs as you like.
Once you've finished inserting your username(s) and password(s), click Save and Close in the Home tab (highlighted in blue above).
The component is ready to be inserted onto a page in your Root folder. See the Applying Security to a Structure Group instructions below.
Applying Security to a Structure Group
Once you’ve created either a Security: CAS or Security: Generic component, you are ready to apply that Security to a structure group.
...
Creating a Security page.
...
Within the Structure Group you would like to secure, create a New Page, and start with the General tab.
...
The Name of this new page should be "Security."
...
The File Name must be "security" (lowercase, no spaces).
...
Below Page Template, uncheck the box next to Inherit from Parent (highlighted in yellow above).
...
Select XML from the Page Template dropdown. (highlighted in blue above).
...
Click on the Component Presentations tab of your page (highlighted in green above).
...
In the Component Presentations tab of your page, click Insert.
...
Your Building Blocks folder will pop up, select the security component you just created.
...
Select the component template that matches the schema of the component you created (Security: CAS or Security: Generic).
...
Applying Security to an entire site
To restrict an entire site, go to the Website properties and toggle on the button Do you want to secure this site?
...
Once you turn that on, you will see the options for All Net IDs or All YNHH Ids. If you would like a more restricted list, you can select the Security Groups that you create in the Organization section of Beatrix.
...
| Info |
|---|
See Beatrix: How to Use Security Groups for NetID and Auth0 Security logins (instructions for stakeholders) for instructions on creating security groups. |
Creating a Security Login: Generic Component
| Warning |
|---|
Please note this security method is deprecated. While it is still used on PCPC, it should not be applied to any new sites. |
To edit the PCPC logins, go either to the Learners or Moderators page and select the page properties. The list of logins is there:
...
Applying Security to a Structure Group
If your security only applies to a single page or folder, you turn this on by going to the Page Properties of the highest level page in the group. Please note, that subpages in a navigational group cannot have different settings from the parent page. The options are the same as they are for applying security to an entire site.
| Info |
|---|
Security levels cannot be nested. i.e. a child page cannot have different settings than security at the parent page or site setting. |
