The Website lead for a site can request that Authentication required site access be enabled by the WCMS support team.

Site owners for "authentication required" websites can choose what Active directory group can access the website as well as customize the messages displayed when users have not yet logged in, and have logged in but have been denied access to the site.

How to configure your Authenticated site settings

From My Dashboard, navigate to the Site management menu, then select Authenticated site settings

Access Control settings

1. Select the site access you wish to enable:

   1. Users who are logged in: This will allow any user with a WatIAM account to be able to log into the site.

   2. Users specified by Active Directory groups and/or WCMS account.

      Open

      

      Note: any users with site owner or content creation roles assigned will be able to log in regardless of settings.

2. If choosing “Users specified by Active Directory groups and/or WCMS account”, there are three options:

   1. Limit access to these Active Directory groups: Put one Active Directory group per line. To log in, the user must be in at least one of these groups. Leave blank to allow everyone.

   2. Prevent access for these Active Directory groups: Put one Active Directory group per line. To log in, the user must not be in any of these groups. Leave blank to allow everyone.

   3. Allow specific WCMS accounts: If Active Directory groups were entered above, the users listed here will be able to log in regardless of group membership; if no groups were entered, only these users, plus users with site owner or content creation roles, will be able to log in. Enter the WatIAM ID of each user separated by a comma and space (ex. z23april, a2amstr) Note: These WCMS accounts must also be added to the site as users (they do not need any site maintainer roles if they will not be creating/editing content).

Available Active directory groups

• Limit to alumni by using IdM-alumni

• Limit to faculty by using IdM-HR-faculty

• Limit to staff by using IdM-HR-employee while preventing access to IdM-HR-faculty

• Limit to students by using IdM-SA-student

Note: if you require a different Active directory group, submit an IST service desk ticket.

Access Denied message settings

There are three choices for Access Denied message settings:

1. Users who have not yet logged in: This is the message that appears

2. Logged in users without access:

3. All “Access denied” users: This message is what will appear on the home page of the site before the site visitor attempts to gain access. This field is mandatory and defaults to “Content on this site is restricted to authorized users; you must log in. Note that if you are not an authorized user, you may be able to log in, but still not have access to the content” but you are able to edit the content if required. Note: This text will display below the "access denied" message, both before users have logged in, or when a logged in user does not have access to the site. Users who have not yet logged in will see the login section below this text. (Note that text cannot contain HTML, and line breaks will be ignored).

After applying the desired authenticated site settings, select Save configuration.