Programmatically Hide Sign In Link

This forum is only for questions or discussions about working with the mojoPortal source code in Visual Studio, obtaining the source code from the repository, developing custom features, etc. If your question is not along these lines this is not the right forum. Please try to post your question in the appropriate forum.

Please do not post questions about design, CSS, or skinning here. Use the Help With Skins Forum for those questions.

This forum is for discussing mojoPortal development

This forum is only for questions or discussions about working with the mojoPortal source code in Visual Studio, obtaining the source code from the repository, developing custom features, etc. If your question is not along these lines this is not the right forum. Please try to post your question in the appropriate forum.

You can monitor commits to the repository from this page. We also recommend developers to subscribe to email notifications in the developer forum as occasionally important things are announced.

Before posting questions here you might want to review the developer documentation.

Do not post questions about design, CSS, or skinning here. Use the Help With Skins Forum for those questions.
This thread is closed to new posts. You must sign in to post in the forums.
10/18/2013 12:52:24 PM
Dave Mason
Gravatar
Total Posts 2
View Posts

Programmatically Hide Sign In Link

Hi everyone,
First, my apologies if this is posted in the wrong forum.  I wasn't sure if it should go here or in the Design and Skins forum.  Seemed like a coin flip...

I have two environments for MojoPortal:  production and test.  For production (a public facing website), I don't want the login link to be visible.  I have a good understanding of how to do this via a previous forum post:  http://www.mojoportal.com/Forums/Thread.aspx?pageid=5&t=4067~-1

However, I'd prefer to show/hide the login link programmatically to save myself the step of manually editing layout.master every time I deploy to production.  So far, I've come up with two options:

1. Add code to the Page_Load() event of class mojoPortal.Web.layout :
    if(someCriteria)
        LoginLink.Visible = false;
    else
        LoginLink.Visible = true;

2. Add code to the OnLoad() event of class mojoPortal.Web.UI.LoginLink :

    if(someCriteria)
        this.Visible = false;
    else
        this.Visible = true;


I don't like either option because they both violate the rule of "Don't fork the code".  I'm thinking there may be options I'm not aware of that are very different from my way of thinking.  Is there another way?

Regards,
Dave

10/21/2013 1:00:56 PM
Joe Audette
Gravatar
Total Posts 18439
View Posts

Re: Programmatically Hide Sign In Link

Hi,

My advice is don't modify any mojoPortal code.

What I would do is copy the code for the mojoPortal login link to a new class in your own web application or class library project.

Change the namespace and change the logic according to your needs. Compile it into your own dll, put that in the /bin folder of the site and then replace the use of our loginlink in layout.master with yours. You will need to register a tag prefix for your control in the top of layout.master.

Hope that helps,

Joe

10/22/2013 1:00:14 PM
Dave Mason
Gravatar
Total Posts 2
View Posts

Re: Programmatically Hide Sign In Link

Hi Joe,

Thanks for the input.  I stumbled upon another option that you outlined in this thread:  https://www.mojoportal.com/Forums/Thread.aspx?pageid=5&t=5045~1

This involves removing (or commenting out) the <portal:LoginLink/> element from layout.master, and advising admins, content providers, et al to manually browse to the login page located (/secure/login.aspx).  This makes a lot of sense to me.  Is this how most others use MojoPortal?  Is it safe/secure?

10/22/2013 1:24:06 PM
Joe Audette
Gravatar
Total Posts 18439
View Posts

Re: Programmatically Hide Sign In Link

The link only links to the url, showing or hiding the link has no affect on the url itself and has no affect at all on security. The link is just a convenience to make it easy to find the url. If your admins are comfortable just navigating to the login page url without clicking a link that is a good solution since then you have no worry about hiding it in one environment and showing it another. Knowing the url to the login page does not have any security implications, a user must know valid credentials to login. Hiding the login link in no way makes anything more secure or less secure.

10/22/2013 1:25:05 PM
Jamie E
Gravatar
Total Posts 1203
View Posts
Proud member of the mojoPortal team

Help support mojoPortal!
Add-on modules

Re: Programmatically Hide Sign In Link

We use that technique in the skin of some of our sites. It's just a cosmetic change, though, and has no effect on security since anyone will be able to navigate to /secure/login.aspx and attempt to log in anyway. 

It sounded like you want to deploy your entire site, including the skin folder, from development to production? Since I'm writing this I'll just add that I think that's not a very good workflow to use. The best policy, IMO, is to keep your production site as the master, and periodically wipe and rebuild development from that master copy. This way you can avoid any issues with test data being put into production accidentally. This would be an even bigger problem in sites with multiple content editors (like ours).

I hope that helps,

Jamie

You must sign in to post in the forums. This thread is closed to new posts.