Forum OpenACS Q&A: How to restrict an OACS site to registered users only?

I'm working on an intranet site (using OACS 4.6) that should be accessible only to registered users.

I've been reading the docs on the object and permissions systems, along with the request processor documentation.  But, I'm not yet able to keep unregistered users from viewing pages.

I seem to be missing a crucial piece of the puzzle.  Can anyone provide any pointers?

Thanks in advance,
-- Paul

Collapse
Posted by Don Baccus on
Have you gone to the site map and clicked on "set permissions" for the "/" node?
Well... I have played with perms on the "/" node a bit.

The obvious thing to try was to revoke the public read rights on the "/" node.  I realised what a mistake that was *after* I clicked the "revoke" button.  (I fixed my own mistake with the help of the forums.)

I don't see a combination of permissions that can be placed on the "/" node that will allow public access to a login page, but prevent the public from seeing the rest of the site.

(I apologise if I'm being dense.  I'm still working up the learning curve on OpenACS, and really do appreciate the help.)

Collapse
Posted by Barry Books on
The simplest way is mount a subsite on / called intranet and on permissions click don't inherit from /. Then you can assign any permissions you like.

Then you can have any public pages you need like / and /register but everything under /intranet will be protected