toutpt

Reputation: 5220

What is the best way to create a Plone private site

I would like to know every solution and keep only the best one to "close a website to every anonymous user". An anonymous user should only have the login form.

Existing ways:

Are there other solutions? What is the best one?

Note: I had an issue when trying to use Zope security: even the login form was not accessible, so please detail your way of achieving this a bit.

Upvotes: 4

Views: 1754

Answers (5)

sauzher

Reputation: 388

My approach with this use case has been (and still is) always to deal with workflows.

Start customizing "intranet workflow" and then remove all options for anonymous. Then give authenticated users (or members) the privileges you want.

No need for extra code. No need for an extra product. No need for external configuration.

Only the power of Plone.

Upvotes: 1

vangheem

Reputation: 3293

You can also use the WebServerAuth plugin so users are only allowed access via basic auth. http://plone.org/products/webserverauth

That way you can, just by default, protect everything on the site and not worry about the Plone login forms.

Upvotes: 0

scarba05

Reputation: 3001

If you're already running a virtual host with Apache then I'd use mod_rewrite to enforce this. The following configuration will direct all unauthenticated users to the login form and also allow users to use the forgotten password process. I've tested this with Plone 4.1 already; I imagine it will also work with Plone 4.0.

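# mod_rewrite must be switched on for the rules below to take effect
RewriteEngine On
# Only requests without an __ac (Plone login) cookie are redirected; this tests
# that the cookie is present, Plone itself still validates it
RewriteCond %{HTTP_COOKIE} !__ac=.*
# Login and logout pages, plus the CSS, JavaScript and logo they use
RewriteCond %{REQUEST_URI} !^/acl_users/credentials_cookie_auth/require_login$
RewriteCond %{REQUEST_URI} !/login_form$
RewriteCond %{REQUEST_URI} !/login$
RewriteCond %{REQUEST_URI} !/logged_out$
RewriteCond %{REQUEST_URI} !^/portal_css/
RewriteCond %{REQUEST_URI} !^/portal_javascripts/
RewriteCond %{REQUEST_URI} !^/login\.js$
RewriteCond %{REQUEST_URI} !^/logo\.png$
# Forgotten password process
RewriteCond %{REQUEST_URI} !^/mail_password_form$
RewriteCond %{REQUEST_URI} !^/mail_password$
RewriteCond %{REQUEST_URI} !^/portal_registration/passwordreset/
RewriteCond %{REQUEST_URI} !^/pwreset_form$
RewriteCond %{REQUEST_URI} !^/pwreset_finish$
# Everything else is sent to the login form, which keeps the requested URL in came_from
RewriteRule ^(.*) /acl_users/credentials_cookie_auth/require_login?came_from=%{REQUEST_URI} [last,redirect=temp]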

Upvotes: -1

user624310

Reputation:

I would use http://pypi.python.org/pypi/iw.rejectanonymous. It adds a custom traversal hook to the Plone site and only allows access to the login form and the resources used by it for anonymous users.

Keep in mind that in this scenario you cannot cache any pages or listings in a frontend cache, as that would be accessible without authentication. Caching CSS, JS and image resources in Varnish is still a good idea and you can cache things in the browser cache.

Upvotes: 5
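
The caching caveat in the answer above, as an added example that is not part of the original answer: a Python check that lists which responses of a private site a shared frontend cache such as Varnish could store. The storability rule is a deliberately conservative simplification (an assumption, not Varnish's exact logic), and the paths and headers in SAMPLE are constructed.

```python
# Added example: find non-static responses that a shared cache may store.
STATIC_TYPES = ("text/css", "application/javascript", "text/javascript", "image/")

def parse_cache_control(value):
    """Return {directive: argument-or-None} with lower-cased directive names."""
    directives = {}
    for part in (value or "").split(","):
        name, _, arg = part.strip().partition("=")
        if name:
            directives[name.lower()] = arg.strip('"') or None
    return directives

def shared_cache_may_store(headers):
    """Conservative rule: storable unless the response clearly forbids it."""
    cc = parse_cache_control(headers.get("Cache-Control"))
    if {"private", "no-store", "no-cache"} & cc.keys():
        return False
    # s-maxage overrides max-age for shared caches; a lifetime of 0 means "do not reuse".
    ttl = cc.get("s-maxage", cc.get("max-age"))
    if ttl is not None and ttl.isdigit() and int(ttl) == 0:
        return False
    # No Cache-Control at all also lands here: a cache may apply its default TTL.
    return True

def is_static_resource(headers):
    """CSS, JS and images are the resources the answer says are fine to cache."""
    ctype = headers.get("Content-Type", "").split(";")[0].strip().lower()
    return ctype.startswith(STATIC_TYPES)

def audit(responses):
    """Return the paths of pages and listings that a shared cache could store."""
    return [path for path, headers in responses
            if not is_static_resource(headers) and shared_cache_may_store(headers)]

# Constructed sample: response headers recorded for a logged-in session.
SAMPLE = [
    ("/portal_css/base.css", {"Content-Type": "text/css", "Cache-Control": "public, max-age=86400"}),
    ("/front-page", {"Content-Type": "text/html; charset=utf-8",
                     "Cache-Control": "max-age=0, s-maxage=3600, must-revalidate"}),
    ("/news", {"Content-Type": "text/html; charset=utf-8", "Cache-Control": "private, max-age=0"}),
    ("/folder_listing", {"Content-Type": "text/html"}),
    ("/logo.png", {"Content-Type": "image/png", "Cache-Control": "max-age=3600"}),
]

if __name__ == "__main__":
    for path in audit(SAMPLE):
        print("page storable by a shared cache:", path)
```

Any path this reports needs `private` or `no-store` set by Plone's caching configuration, or a pass rule in the frontend cache.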

marcosfromero

Reputation: 2853

I once secured a Plone site so that only authenticated users could see anything (login form was accessible). It was a Plone 2.5 and I know I modified (checked/unchecked roles) these permissions in the Plone Site root's access ZMI page (manage_access):

  • Add portal member
  • Allow sendto
  • Change portal events
  • Modify portal content
  • Set own password
  • Set own properties
  • View

I know new permissions have been added in later Plone versions, so you might need to tweak other ones.

I think that the easiest way to achieve what you need is by doing this, although I'd recommend using GenericSetup and not TTW customization, like I did:

  • It's easier than modifying Published state of workflows.
  • If you configure Apache you'll need a double log in (to access the login form and then to log in to Plone). Unless you set a special PAS plugin. This approach, in my opinion, is more difficult than mine.

But given that I didn't try either of these last two options, I cannot say my way is the way. I can just say that it worked for me, and hopefully it'll work for you.

Upvotes: 0
