Announcement

Collapse
No announcement yet.

Security issue

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    Security issue

    Hello all,

    First time poster, long time creeper. Briefly here is my issue. I have a company I am doing a job for. They want to have a general site set up for everyone. But they just recently signed a contract with a major company. They now would like to have a side store specifically for this major company. They need to be able to ensure this major company that non of their competitors will be able to see in to our site. We also, likewise cannot let our competitors see our site. We do not have the man power to play web admin for thousands of users. Does anyone have any thoughts on what we might be able to do?

    Thanks,

    Chris
    Tags: None
    #2
    Hi,

    You could buy a new license (if you don't already have a multi-site license) for a new site and have it just for logged in customers. Alternatively, you could create a special section just for this company and follow the instructions in this knowledge base article to 'bounce unregistered customers out of sections'. You will have some admin to do though as Actinic cannot create customer accounts automatically.
    Last edited by KB2; 23-Mar-2010, 11:50 AM. Reason: Updating kb links
    ********************
    Tracey
    SellerDeck

    Comment

      #3
      Tracey, thanks for responding. Here is where we are at:

      We already have a new specific site set up specifically for this company. This company will have 1000's of users, thus there is not enough man power to ensure timely processing of log in info. Thus the solution we are working on is trying to come up with one account and one customer for all of the employees to use - thus one username and one password. The puzzle gets even more difficult when you put in the variable that this company wants this to be a moderatly secure site. Nothing stonewalling anybody, but enough to keep honest people honest. Our only solution so far that we've come up with is put a link on their secured intranet site, place a link to our store, and then place a cookie on our login page that restricts access based on the referring site. This actuall does the job just dandy in testing, but we realized this problem occured:

      Site A is the referring site (major company's intranet)
      Site B is our store

      User vistits Site B and gets a redirected and a message explaining the security
      User then vistits Site A
      Clicks link to Site B
      Site B appears and looks tremendous as it should
      User logs in and thus no problems

      The second scenario plays out a little differently (and will be the most common way of entering our store)

      User vistits Site A
      Clicks link to Site B
      Site B shows up lacking all styles and lacking all pics
      And that lasts for the entire user's session

      A little troubleshooting and I found that in Scenario 2 Actinic is swapping the Base Href code and placeing the referring site's URL with our store's URL, thus all the linked CSS and Images are lost because it's calling the wrong URL.

      Anyone have any ideas on a way around this entire issue, or have an idea about how to fix the problem?

      Thanks,

      Chris

      Comment

        #4
        Hi,

        Try creating the link as per this knowledgebase article and see if that works.
        Last edited by KB2; 23-Mar-2010, 11:44 AM. Reason: Updating kb links
        ********************
        Tracey
        SellerDeck

        Comment

        Previous template Next
        Working...
        X