Access Control Rule Profile
- Last Modified:
- 28 May 2019
- User Level:
- Administrator +
This document brings you through the steps to configure and set access control on published pages. Please note that access to the Apache configuration and the TERMINALFOUR database are required.
TERMINALFOUR provides the ability to insert dynamic control into the published page to support the restriction/access as defined. It does not provide the mechanism to recognize the user / viewer so this needs to be set up in advance on Apache.
In this example we are using the default Access File name which is .htaccess, so if your server has been configured differently use that name instead. The file locations here are provided as an example.
The Content type will allow the author to enter the username which has permission to view a section. This will be done by entering their username and checking it against a static file found on the server, in a location which is not accessible from the web.
Set AllowOverride AuthConfig
Edit the httpd.conf file C:\Apache24\conf\httpd.conf
Find the directory entry for your site
e.g. <Directory "c:/Apache24/htdocs">
Change the line from
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
# The Options directive is both complicated and important. Please see
# for more information.
Options Indexes FollowSymLinks
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# AllowOverride FileInfo AuthConfig Limit
# Controls who can get stuff from this server.
Require all granted
Create the password directory and .htpasswd file
Create a directory C:\Apache24\passwords. This needs to be a location that is not accessible from the web.
Create a file called .htpasswd to store the usernames and passwords in the following form:
This file will be referenced from the content type layout and will be used to verify users for access to restricted content.
A content type (Access Control) is initially created as a normal Content Type and can be created either in a group or as a Global Content Type. Follow the documentation on creating the Access Control Content Type, but in this case it should only have one element and it should not be compulsory:
|Users Allowed||Plain text||No||400|
Create a Content Layout called text/access-control. All other fields can be left as the default
Add the following Content Layout Code and save.
# start file
AuthName "Restricted Files"
Require user <t4 type="content" name="Users Allowed" output="normal" modifiers="striptags,htmlentities" />
# end file
Convert the Content Type to System Content Type
Database access is required to change the content type to a system content type. First, find the id of the content type just created:
select * from template WHERE template.name="Access Control"
Then use the id to update the content type to a system content type:
UPDATE template SET template.template_type="30" WHERE template.id=46
Content types are identified by the template_type:
- 10 is a regular content type
- 20 is an eform content type
- 30 is a system content type
Go to the Access Control Configuration at System administration > Set up sites & channels > Access control
Check the Enable hierarchical access control.
Set the Access control content type to the content type just created.
Go to Sites & Channels > Access control
Select Create new to create a profile. Then select Create new next to Access Control Rule Profile.
Set a Name and Description.
File Name: enter the name of the access File name set on your Apache webserver. By default, the name will be .htaccess.
CSS for links to Access Controlled sections/media categories: enter path to css file if any formatting for links have been created.
Select Add to save the changes.
Go to System administration > Set up sites & channels > Channels
Edit the channel you wish to enable access control on.
Under Access control and personalization, check Enable Access Control and select the Access Control Profile created earlier.
The setup is now complete and sections can be access controlled for that channel.
Edit the Section(s) you wish to control access to and ensure it contains content that will publish for the channel.
Select the Access tab.
Enable Access Control
Enter the usernames with a space between each user.
Publish the channel and then browse to the restricted section on the published site. A popup requesting a username and password will be presented. Once a valid username and password is entered, the restricted page will be displayed.