Skip to Content
Aug 06, 2013 at 06:23 AM

Restrict Access to External Facing Portal


Hi Portal Community I need your collective help!

I have the following scenario:

To start with internal users should only be allowed to access the portal when they are on the corporate network - they should not be allowed to log on via the external URL (e.g. when they go home or are out of the office).

At some point in the future internal users will be given limited access to certain content via the external URL (but not all the content they have when accessing via the internal URL). For example they may be able to see corporate news and check their payment summary externally but they won't be allowed access to change their bank details.

I spent some time thinking about this and did some searching for similar scenarios:

internal-access-direct-and-external-access-via-rev from @Glen Simpson

Portal Filter ID Tips and Tricks from @Tobias Hofmann

externalize-bi-portal-for-limited-set-of-users from Former Member

I have come to the conclusion that in order to block access for internal users on the external URL I would need to write a custom login module (JAAS module) that would check the URL (or URL alias) and if using the external URL it would check that the user was assigned to a certain UME group (e.g. External Users Group). If the user wasn't in the group it would fail the log on attempt. The other option is a separate portal (but I would like to avoid that if possible).

Once internal users are given access via the external URL I thought about using the Filter ID feature of the portal to filter out any top level entry points that should not be shown to the user. The problem with this is that it only filters the entry point, it doesn't actually block access. If the user has for example saved a portal favourite to a filtered area they can still use that favourite to access it.

So I throw it open to you guys and gals... please make suggestions and help me brainstorm this 😀

Thanks in advance,