Using the Secure Site Component

From Documentation
Jump to: navigation, search

Using the Secure Site Component

The Secure Site package has all the tools needed to build a secure site. Using this package, you can protect your Web pages from being accessed by unregistered users. These password-protected pages will not be viewable unless the user logs in using a valid username and password. The Web site visitors will have to sign-up and create a user account before gaining access to the protected pages.

All the information collected from users at signup will be stored permanently in a database; this information will be available for the site Administrator. This database file can be easily imported in Microsoft Excel, Microsoft Access etc.

The registered users will be able to change their passwords and request to have their forgotten passwords sent by email. The site Administrator will be able to notify by email registered users regarding any changes in the user accounts; these emails will be sent automatically, in different selected formats.

The components from the same package are grouped in a suite. You can have one or more suites on the same Web site. The settings for a suite are stored in a profile. The suites offer the possibility to have more than one component of the same type in a site, with different settings. If you have a site and need more than one protected section, each protected section administrated by a different person, having its own member database, email, settings, etc., then the solution is to place two distinct Secure Site suites on the site and configure them accordingly.

The NOF Secure Site package consists of seven components:

  • The Admin Component
  • The Sign-up Component
  • The Secure Page Component
  • The Login Component
  • The Logout Component
  • The Change Password Component
  • The Get Password Component

The Sign-up Component enables the user to sign up for a new account with the username, password, and additional data.

To have access to the protected pages, the users need to log in to their account with their username and password. The Login Component handles the login process.

To sign out from an account, the user will click a button and the Logout Component will handle the rest.

If a visitor tries to access a protected page, the visitor will be asked either to log-in to their account (if they are registered) or to sign up for a new account if they are not registered yet. After logging in, the visitor will be able to access the restricted area. The Secure Page Component handles the action of securing a Web page.

In case a visitor does not remember their password, they will be able to retrieve the password with the help of the Get Password Component. The user will receive an email containing their registration details.

Once they are logged in, the visitor has the possibility to change their password, with the help of the Change Password Component.

Using the Admin Component the administrator can view and modify a table with the registration details of all the signed-in users.

This tutorial describes:

  • How to use the Secure Site Components
  • Adding a Component to a Page
  • Configuring the Component’s Settings
  • Customizing the Appearance and Setting the Functionality
  • Error / Success Handling
  • Configuring Script and Server – Side Settings
  • Publishing Information
  • Adding the Secure Site Components on a Web Site
  • You can access the Secure Site Components on the NetObjects Fusion Custom Components panel, in Page View.

To place any of the seven Secure Site Components on a page:

  1. Launch NetObjects Fusion and open the site where you want to use the Secure Site Component.
  2. In Site view, create the pages where you will place the Secure Site Components (if you have not already created these pages).
  3. In Page View, select Secure Site > a Component from the Custom Components panel, instead of a Component, select any of the seven Secure Site Components.

Custom-components.png

If you do not see the Secure Site package on the Components Manager panel, go to the NetObjects Fusion View menu, select Components and check the Secure Site option. The Secure Site Component menu will appear on the Custom Components panel.

  1. Draw a box on the Layout to indicate where you want to position the selected Component.
  2. Create a suite for your component or you place the component in an existing suite.

After you have placed the component into a suite the Secure Site dialog box appears.

You will need to configure the Component’s Settings, as you will see it explained for each of the Secure Site Components.

You will see below an example of a Web site created especially to describe the usage of the Secure Site Components for password-protecting pages of the web site. It is not necessary to have the same site structure or content in your site, the Web site from below is an example.

Strucure.png

The goal is to protect the pages that contain specific information, available for certain users (the pages named Projects, Project1, and Project2). To do that, the components will be placed on the following pages:

  • MyAccount - this is where you will place the Login Component; it is the location where the users will log in to their accounts. If the log-in details are correct, the user will be redirected to the Intranet page, which is password protected and from there, they will be able to either change their password (the ChPassw page) or access the Projects pages (also password protected).
  • Sign-up - the page where users are directed to in order to sign-up for a new account; the Sign-up Component will be placed here.
  • GetPassw - this page will contain the Get Password Component that will help customers retrieve their lost log-in details.
  • Admin - this page is reserved for the Admin Component.
  • ChPassw - this is where the customers will be able to change their password, with the help of the Change Password Component.

The Secure Site Components should be placed on separate pages (only the Logout Component can be placed on the same pages with other Secure Site Components).

The Secure Page Component

Placing this component on a specific page will make that page secure, meaning that the page will be available only for two groups of users: normal users (users that are registered) and the Administrator. This component will be used to protect important pages from your site.

In our example site, the Secure Page Component will be placed on the following pages: Intranet, Projects, Project1, and Project2.

If any other visitor tries to access these protected pages, they will be automatically redirected to the page that contains the Login component, in our case My Account page.

Place the Secure Page Component on the other three pages of the example site that you want to make secure: Projects, Project1, and Project2. These pages can contain information that you want to be accessed only by signed-in users.

In the example test, on the Intranet page, you will place a link to Admin page.

The Admin page allows the administrator of the site to manage the user accounts; it is secure by default, that is the reason why you cannot and do not need to place a Secure Page Component here. The Admin page can be accessed using Administrator's account only.

Placing the SecurePage Component on a page

  1. In NetObjects Fusion, open the site where you want to use the Secure Page Component (in case it is not already open).
  2. Add a new page to your site on which to place the Secure Page (or place it on the page that you want).
  3. In Page view, select Secure Site > Secure Page Component from the Custom Components panel.
  4. Draw a box on the Layout to indicate where you want to position the Secure Page Component. The Secure Page dialog box appears.
  5. Create a suite for your component or you place the component in an existing suite.

After you have placed the component into a suite the Secure Page dialog box appears.

  1. Configure the Secure Page Component settings.

Configuring the Secure Page Component’s Settings

After you have placed the Secure Page Component on your site, you can configure its settings in the Secure Page dialog box. The Secure Page dialog box contains three tabs: Security, Access Denied, and General.

Secure-page-dialog.png

On the Security tab, you can configure the security settings for the page on the Component menu.

To place a logo (image) for the secured page:

  • Check the Show secure logo option.
  • Click the .. button.
  • Select an image for the logo.

You can specify what kind of users can access the secure page:

  • Administrator: has the rights to access all the pages on the site (including the secure pages); therefore, this check box will be selected always.
  • Normal user: the registered users that have access to the secured pages, but do not have administrative rights. If the check box for normal users is checked, these users will be able to access the secure page.

On the Access Denied tab, you can establish the behavior of the component in case of unauthorized access.

Secure-page-access-denied.png

Choose the page where the site visitors will be redirected in case they attempt to access this page. This is a protected page and only the registered users that are logged in have access to it. In our example, the user will be relocated to the MyAccount page, where, if the user is registered, they will enter their username and password and log in. If they are not registered yet, the user will sign-up for a new account and then login with their registration details.

On the General tab, you will find the same fields as in the Admin General tab. If you have already filled in these fields in the Admin Component (or in any other Secure Site Components), the information will become available in the Secure Page Component.

If the specified information is not available, refer to the Admin documentation in this tutorial.

The Sign-up Component

The Sign-up Component handles the registration process. The registration process implies signing up for a new user account, by filling in an online registration form. The registration form contains specific fields for collecting the necessary information from the visitors: name, username, password, email address etc. After having filled in and submitted the registration form, the user will receive a confirmation email with his login details: username and password. The Sign-up Component enables the user to sign up for a new account with the username, password and additional data. This information is stored into a database.

If you choose a set of fields, publish the site, and later on decide to change a field's name or to add/remove field(s), next time you will publish the site, all the previous database information will be lost. It is your responsibility to make a backup copy, or to move the data from the old database to the new one.

With the use of this component, the user will receive an e-mail of confirmation after a successful sign-up.

Placing the Sign-up Component on a page of your site

  1. In NetObjects Fusion, open the site where you want to use the Sign-up Component (in case it is not already open).
  2. Add a new page to your site on which to place the Sign-up Component (or place it on the page that you want).
  3. In Page view, select Secure Site > Sign-up Component from the Custom Components panel.
  4. Draw a box on the Layout to indicate where you want to position the Sign-up Component.
  5. Create a suite for your component or you place the component in an existing suite.

After you have placed the component into a suite the Sign-up dialog box appears.

  1. Configure the Sign-up Component settings.

Configuring the Component’s Settings

After you have placed the Signup Component on your site, you can configure its settings in the Signup dialog box. The Signup dialog box contains three tabs: Fields, Page, and General.

Signup-fields.png

On the Fields tab, you can customize the appearance of the signup form. The fields that will appear on the signup form are displayed on the left.

  • To add a new field, click the + button.
  • To remove a field, select the field and click the - button.
  • To change the order of the fields as they would appear on the form, click the field name and move them by clicking the up and down arrows.

On the right side of the window are displayed three tabs named: Label, Field, and Error events.

You can access the field’s settings if you either click the Field tab or select Component > Fields Settings from the Sign-up component menu bar.

The following are the default signup fields:

  • User name: The user name of the person who wants to signup.
  • Password: The password of the person who wants to signup.
  • Retype password: The password of the person who wants to signup.
  • First name: The first name of the person who wants to signup.
  • Last name: The last name of the person who wants to signup.
  • Address: The address of the person who wants to signup.
  • Zip: The zip code of the person who wants to signup.
  • City: The city of the person who wants to signup.
  • County: the County of the person who wants to signup.
  • State: The state of the person who wants to signup.
  • Country: The country of the person who wants to signup.
  • Phone: The phone of the person who wants to signup.
  • E-mail: The e-mail of the person who wants to signup.
  • Captcha: The Captcha option renders characters in a distorted form, asking the user to enter the presented characters.
  • Signup: this button will submit the form to the server. (*)

Configuring the Captcha Options

The Captcha field is of the type Captcha and cannot be changed. Use Captcha images to prevent automated form substitution.

  1. In the Secure Site Properties panel, select Show Dialog.
  2. In the Secure Site dialog, select Captcha in the field list.
  3. Configure the following options for the Captcha option.
    • Style. To apply a custom CSS style to the form object, type the name of the CSS style in the text box or select the style from the drop-down list.
    • Character Font: Select a character font from the drop-down list. The preview will display the Captcha image.
    • Background color: Set the color of the background image.
    • Foreground color: Set the color of the characters.
    • Number of characters: Use the arrow buttons to set the number of characters that will be displayed in the Captcha image
    • Space left between characters: Use the arrow buttons to set the distance left between two characters of a string.
    • Alignments: Select how you prefer the Captcha image to be displayed: horizontally or vertically.
    • Top/Bottom padding: Use the arrow buttons to set the space between the image’s borders and the characters.
    • Right/Left margin: Use the arrow buttons to set the space between the image’s margins and the characters.

Setting Error/Success Handling Options

After filling in the signup form, the user will click the Signup button. If the user has filled in the fields correctly, a success page will appear. If the user has filled in some fields incorrectly, the browser will refresh the page and display an error message, and the fields that are not correct will be pointed with an error marker.

You can configure settings for error messages and error markers on the Page tab.

Signup-page.png

Setting Error Handling Options

In the Signup dialog box, click the Page tab.

  • Check the Show error messages check box to display error messages when error events occur in the browser (when the user fills in incorrectly a field). The error messages will be displayed beneath the controls, at the bottom of the page.
  • Check the Show error marker check box to display an error marker (symbol) to indicate the invalid input text, when the user fills in incorrectly a field. The error marker will be displayed between the field's label and the field.
  • Use the … (browse) button to choose a different image for the error marker.

Setting Success Handling Options

In the Signup dialog box, click the General tab.

  1. In the Success Handling field set, choose the page where the user will be redirected to after successful signing-up the page. If the user signs-up without errors, the user will be redirected automatically to the selected success page.

In our example site, in case of successful sign-up, the user will be redirected to the MyAccount page, where he will be able to login to his newly created account.

  1. If an error occurs while processing the submitted form data, the user will be redirected to the same page and error messages and markers will be displayed.

Setting Script and Server-Side Settings

In the Signup dialog box, click the General tab.

On the General tab you will find the same fields as on the Admin General tab. If you have already filled in these fields in the Admin Component (or in any other Secure Site Component), the information will become available in the Sign-up Component.

If the specified information is not available, refer to the Admin documentation in this tutorial.

The Admin Component

The page that contains the Admin Component is available only for the site’s administrator.

This component allows the site administrator to view a table with all users, their data and account status, in the browser. The administrator can validate/invalidate accounts of multiple users, add/remove users, view and edit the user details and also provide/revoke administrative rights to a regular user.

There are three types of users of a website:

  • Visitors - they will not have access to the restricted pages
  • Registered Users - they will have access to the restricted pages, except for the site administrator’s page
  • Administrator - the administrator of the Web site will have access to all the pages of the site

The page that hosts the Admin Component is a secure page, which can be viewed only by the administrator. This component has the ability to send an email to the user, when the administrator validates/invalidates a user account.

Placing the Admin Component on a page

  1. Launch NetObjects Fusion and open the site where you want to insert the Admin Component.
  2. Add a new page to your site on which to place the Admin Component (in our test site, the page is named Admin).
  3. Exclude this page from navigation (this page will be published, but the visitors will not see it in the navigation bar - there will be a link to this page, placed on another page of the site).

To exclude a page from navigation, select the page in Site View and click the Exclude from Navigation check box on the Page Properties panel.

Exclude-from-navigation.png

Creating a new Suite or selecting an existing one

After you have placed the component on the site page, a dialog box appears.

Here you are able to create a suite for your component or you are able to place the component in an existing suite. Also you are able to associate an existing profile to the new created suite.

Component-suite.png

To create a new suite you will have to enable the radio button and type in that field a new name for the suite. After this all you have to do is to choose a profile for the new suite. All the components from the same suite will have the same general settings. In the /Profile /drop-down list you will have to select a profile. You may create as many profiles as you want on the general tab from the component’s dialog box. The created profile will be visible only for the same type of suite of components, as the suite for which the profile was created.

On the General Settings tab you can configure the settings that are common for all the components in a suite. If you want to save them for a future reuse, you can save them in a profile, by pushing the Save Profile button, and specifying a name for it.

You can also choose an existing suite by enabling the Existing radio button and selecting one from the drop down list.

The Properties Panel

Usually, when you first place a component on the Layout of a page in NetObjects Fusion, the Component’s dialog box appears. If you close the dialog box and you want to configure the component setting in a future moment of time, follow the next steps:

  1. Select the component on the Layout. You will see the Secure Site Properties panel:

Secure-site-properties-panel.png

  1. Click on Click to edit and then press the ... button. The dialog box appears.

Configuring the Component’s Settings

After you have placed the Admin Component on your site, you can configure its settings in the Admin dialog box. The Admin dialog box contains three tabs: Account, Access Denied, and General.

On the Account tab, you can create the administrator’s account and to set the validation flag on the Component menu:

  1. Administrator account.

You can choose a username and password for administrator account. With this account you will be able to access any secure page and manage the users of your site. This is the most powerful account; so make sure that you change the default username/password for this account.

  1. Users can login without administrator clearing.

If the check box Users can login without administrator clearing is checked, the users will be able to login any time after the signup process is completed. If the check box is not checked, the administrator has to validate a user's account before the user can log in.

Secure-site-admin.png

On the Access Denied tab, you establish the behavior of the component in case of unauthorized access.

Secure-page-access-denied.png

Choose the page where the site visitors will be redirected in case they attempt to access this page. This is a protected page and only the site Administrator has access to it.

In our example, the user will be relocated to the MyAccount page, where, if they are the administrator of the site, they will enter their username and password and log in.

On the General tab you will specify the Secure Site Suite general settings. These settings can be saved as a profile and used later for other suites of components.

The General tab contains three sections: Script settings, Database settings, and E-mail settings.

Secure-site-general.png

The Script settings section

Script type: Displays the scripting language, either ASP or PHP, depending on settings from the General tab of the Current Site Options dialog. Depending on what kind of server you have, choose one from the two scripting languages: Active Server Pages (ASP) / PHP Hypertext Preprocessor (PHP) (Version 4.1.0 or later). Check with your Internet service provider to determine which option is appropriate for your hosting environment.

Publish the component in debug mode: When you publish your site for the first time, it could be a good practice to check the Publish in debug mode checkbox. Publishing the site in debug mode will help to see on screen a complete description of an error that can occur. After identifying and solving all the problems on the server and client side, you can uncheck that checkbox and re-publish the site. All errors will be described by their error codes. Then re-publish the site in live mode. Debug mode forces the script to show a detailed report message when an error appears, not just an error code as it would appear if the option were not selected.

Select Language: Here you choose the language for all the messages generated by the scripts, such error messages or components text for which the user does not have access to customize them using components configuration interfaces.

The Database settings section

Path to database: Here you will specify the database file name that will be stored in the scripts directory from the directory where the site is published. This file is saved relative to the scripts site directory, which means if you use relative path to specify the location of the file, this location will be relative to the script directory. For example if you enter there just the file name file.csv this means the file is saved into the scripts directory. This is not recommended because the scripts directory must have write permission for the Web server user and this is a security lack for you site. The best solution is to set the location of the database file outside of the public directories. For example, if your site is located on the first level of the public directories then you should fill the Write to database field with such a value:

../../db/users.csv

The recommended place for the database file is where the Web users has write access but do not have browse access.

NetObjects Tip: After the site is published, you need to give write access to the directory where the databases files are stored (to know where are these files located please check the component’s database prefix field value located under the General tab).

The database that you have specified in the component’s editor will store the input values. You can choose the path to the database. It is an absolute full path, containing the file name, too. If you do not type-in an absolute path, and instead, type-in only a filename, the scripts on the server side will create the database inside the scripts directory of your published site.

Click the Wizard button to launch the DB Creation Wizard.

NetObjects Tip: If you do not use the Wizard button next to the Database field and you leave ../db/users.csv in the default value, then you will have to manually create the /db folder on the server (in the folder where you publish the site) and grant write permission to the /db folder.

Using the DB Creation Wizard

The DB Creation Wizard will assist you during the process of setting up flat file databases. Use the Database Creation Wizard to identify the location of the flat file database and to choose a publishing profile.

In the dialog that appears when clicking the Wizard button on the component’s General tab, you may select a remote publishing profile from the Publishing Profile drop-down list.

The button, displayed to the right of the Publishing profile drop-down list, displays the possible actions or status:

  • Connect: Clicking on the Connect button will establish a connection to the hosting server listed in the Publishing Profiles.
  • Connecting: When the connection to the Publishing Profile is being established
  • Disconnect: When the connection is canceled.

Selecting Cancel or switching publishing profiles while connecting to the server will cancel the connection process.

When NetObjects Fusion connects, the dialog window will display the Folder Tree structure of the website.

The Path to Database field displays the relative path to the flat file database; this path is relative to the folder where the site is published.

The Auto Generate feature can be used to create a path that is two folder levels deep from the selected folder tree, and clicking the Auto Generate button also creates the flat file database. The unexplored folders will be grey-out.

To create a new folder, in which to place the flat file database:

  1. In the Folder Tree, select the directory, under which you want to create the new folder.
  2. Right-click on that folder.
  3. Click on the New Folder menu. The Input dialog appears.
  4. Type the name of the new folder.
  5. Click OK.

To change the name of the flat file database:

  1. In the Folder Tree, select the folder on which you want to create the flat file database.
  2. In the Name field, type a name for the csv file.
  3. Click on the Create Data.. button.

E-mail Settings section

In the Server (IP) adress field, you can specify a SMTP mail server to be used to send/receive emails. The server (IP) address is not mandatory. The PHP will use the SMTP server address specified in the php.ini file on the server and the ASP will use the default windows SMTP server if you leave this field blank. You can also specify a port number if a specific port is required by your hosting service.

The E-mail field is the email address that will be used if the component will send an email to the site administrator. For the signup component after the user submits the signup form, an email is sent to the email address filled in this textbox.

The From field is the email address that will appear in the From field when an email will be sent by this component. This email address must have the right format, otherwise the email sent by the component can not be delivered by your provider’s email SMTP server.

Some hosting services will require the smtp server to be authenticated to send email, if this is the case then check the option for smtp requires authentication and fill the username and password fields. There is also an ssl option if your host requires it.

NetObjects Tip: Most standard shared hosting accounts will not require authentication or ssl.

Click the Save Profile button to save the general settings you have completed. The Save Profile dialog box will open.

Secure-site-save-profile.png

The Change Password Component

With this component, the user will be able to change their password. There is the option that, after successfully changing the password, the user receives an e-mail with their new password. The user will be able to change their password only if they know their current password otherwise they must submit a request to the site’s administrator, who will change it using the Admin page.

Place the Change Password Component on a page of your site, the same way you have previously placed the Secure Site Components.

Configuring the Component’s Settings

After you have placed the Change Password Component on your site, you can configure its settings in the Change Password dialog box. The Change Password dialog box contains four tabs: Fields, Page, Access Denied, and General.

ChPassw-fields.png

On the Fields tab, you can customize the appearance of the form. The fields that will appear for the Login Component are displayed on left.

  • User name
  • Password
  • Login button - this button will submit the form to the server.

To customize the appearance of these fields please refer to the Signup Component section of this document: Configuring the Component’s Settings > Field.

On Page tab you can select the page where you want the user to be redirected after having successfully changed the password.

You can select to which page the unauthorized user will be directed, just, as you have done with the Admin Component. In our test site, the unauthorized user will be directed to the MyAccount page, where they will be asked to log in to their existing account, or, if they are not registered, then sign-up for a new account.

On the Access Denied tab you can choose the page where the site visitors will be redirected in case they attempt to access this page. This is a protected page and only the registered users that are logged in have access to it.

In our example, the user will be relocated to the MyAccount page, where, if the user is registered, they will enter their username and password and log in. If they are not registered yet, the user will sign-up for a new account and then login with their registration details. Only then will the user be able to change password.

ChPassw-general.png

On the General tab you will find the same fields as in the Admin General tab. If you have already filled in these fields in the Admin Component (or in any other Secure Site Component), the information will become available in the Change Password Component.

If the specified information is not available, refer to the Admin documentation in this tutorial.

The Get Password Component

With this component the user can retrieve their forgotten password. An email containing the password will be sent to that user. If the user has created more accounts using the same email address, they will receive the passwords for all the accounts.

This component will always send an email to the user, after a successful get password process.

Place the Change Password Component on a page of your site, the same way you have previously placed the Secure Site Components (the Get Password page of our example site.)

Configuring the Component’s Settings

The Get Password dialog box contains three tabs: Fields, Page, and General.

Get-password-fields.png

In the Get Password dialog box, click the Page tab. Select the page where the user should be redirected to in case of getting password success. In our case, the user will be directed to the Home Page.

Get-password-general.png

On the General tab you will find the same fields as in the Admin General tab. If you have already filled in these fields in the Admin Component (or in any other Secure Site Component), the information will become available in the Get Password Component.

If the specified information is not available, refer to the Admin documentation in this tutorial.

The Login Component

With the help of this component, the user can login with the chosen username and password when signing up. Once the user is logged in, they can access the secured pages.

Placing the Login Component on a page

  1. In NetObjects Fusion, open the site where you want to use the Login Component (in case it is not already opened).
  2. Add a new page to your site on which to place the Login Component (or place it on an existing page). In our example site, place the Login Component on the MyAccount page.
  3. On the Sign-up page add an internal link (*), so that the unregistered user can sign-up for a new account.

Creating an Internal Link to the Signup Page

  1. In Page View, add a text box on the Layout, containing a relevant text (i.e. "Sign-up for a new account").
  2. Select the text to link (in the picture below, the word "sign-up" is selected).XXX
  3. Click the Link tool on the Standard toolbar or the Link button from the Properties Panel.

The Link dialog appears.

  1. From the Link type drop-down menu, select Internal link.
  2. Select the Page you want to link to in Site Structure (Sign-up page in our example).
  3. In the Target area, select one of the two available elements in the drop-down list: Existing and Pop-up window. (To see how to configure the settings for the two options, please refer Creating Links and Anchors in the online Help.)
  4. Click Link.

Configuring the Component’s Settings

The Login dialog box contains three tabs: Fields, Page, and General.

Customizing Appearance and Settings on the Fields Tab On the Fields tab, you can customize the appearance of the login form. The fields that will appear on the login form are displayed on the left.

The following are the default form fields:

  • User name - the username of the person who logs in.
  • Password - the password of the person who logs in.
  • Login button - this button will submit the form to the server.

To customize the appearance of these fields please refer to the Signup Component section of this document: Configuring the Component’s Settings > Fields.

Setting Error/Success Handling Options

After filling in the signup form, the user will click the Login button. If the user has filled in the fields correctly, a success page will appear. If the user has filled in some fields incorrectly, the browser will refresh the page and display an error message, and the fields that are not correct will be pointed with an error marker. You can configure settings for error messages and error markers on the Page tab.

Setting Error Handling Options

In the Login dialog box, click the Page tab.

  • Check the Show error messages check box to display error messages when error events occur in the browser (when the user fills in incorrectly a field). The error messages will be displayed beneath the controls, at the bottom of the page.
  • Check the Show error marker check box to display an error marker (symbol) to indicate the invalid input text, when the user fills in incorrectly a field. The error marker will be displayed between the field's label and the field.
  • Use the … (browse) button to choose a different image for the error marker.

Setting Success Handling Options

In the Login dialog box, click the General tab.

  • In our example site, in case of successful login, the user will be redirected to the MyAccount page, where they will be able to login to their newly created account.
  • In the Success Handling field set, choose the page where the user will be redirected to after successful logging in.
  • In our example, if the user has successfully logged in, they will be redirected to the Intranet page (a secured page).
  • If an error occurs while processing the submitted form data, the user will be redirected to the same page and error messages and markers will be displayed.

On the General tab you will find the same fields as in the Admin General tab. If you have already filled in these fields in the Admin Component (or in any other Secure Site Component), the information will become available in the Login Component.

If the specified information is not available, refer to the Admin documentation in this tutorial.

The Logout Component

This component generates a button, which will log-out the user when clicking on it. Once the user has logged out, it is impossible to access the secured pages anymore. The logout step is a very important one for maintaining the security and privacy of the user's personal information. Especially when people are accessing this site from public places (Internet cafes etc) it is important that they log-out after having finished using the site.

Configuring the Component’s Settings

The Logout dialog box contains three tabs: Field, Page, and General.

On the Field tab you can see that the Logout Component has only one field – the logout button.

To customize the appearance of this fields please refer to the Signup Component section of this document: Configuring the Component’s Settings > Field.

Logout-fields.png

NetObjects Tip: To make it easy for users to logout, we suggest you place the Logout Component on every secure page.

On the Page tab the user, after logging out, will be redirected to the Login page (from the Component > Page Settings panel), where, if wanting, the user can re-login.

On the General tab you will find the same fields as in the Admin General tab. If you have already filled in these fields in the Admin Component (or in any other Secure Site Component), the information will become available in the Logout Component.

If the specified information is not available, refer to the Admin documentation in this tutorial.

Publishing Information

When you add the component object to a page in NetObjects Fusion and preview it, you will see a placeholder graphic. To see how the Secure Site package works, publish the site remotely (for more information on publishing remotely from NetObjects Fusion online Help).

The code generated by the NetObjects Secure Site is evaluated on the server. It is important that you verify that your server supports the server-side language that you are using. For information on server requirements, please contact your hosting provider or refer to your platform documentation.