Access-protected content

Contact

Volker Burggräf
Internet Coordinator

Access-protected content

Websites, content elements within websites and download documents can be given specific access protection. For this purpose, the relevant element or website is assigned a user group in the [Access] tab, which should be authorised to display or retrieve the element.

Restriction to internal university access (intranet pages)

Change the page type to "UOL Intranet" in the page properties
An intranet page is immediately recognisable in the TYPO3 page tree by its coloured symbol.

Websites and download documents can be restricted to the intranet. This means that you can only access them if you are either in the university network or if you first log in with your university login when accessing them from outside. Pages and downloads protected in this way can be recognised by the character string _intranet within their http address.

To ensure that a website can only be accessed within the university, you can make it an intranet page. To do this, change the page type of the page from"Standard" to"UOL Intranet" (see image).

  • The page is then displayed in the TYPO3 page tree with a coloured symbol in which the university arch can be seen.
  • The page automatically has the character string _intranet appended to its http address. This means that the page is immediately recognisable as an intranet page.
  • The highlight: If you try to access such a page from outside, you will be redirected to the university login to authenticate yourself as a university-internal person. In this way, an intranet page for university members can also be accessed from the home office!

Please note:

  • Switching to the UOL Intranet page type changes the http address of the page!
  • The status of an intranet page is not inherited by subordinate pages! Each page that is only to be displayed on the intranet must be marked as such.

To protect download files in the same way, they must be placed in a file directory called _intranet. This is then automatically restricted to internal university access due to its name. See Protect download documents below.

Protection by means of self-selected login/password combination

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12

If you want to protect certain websites with a password, a number of steps are required:

How the protection mechanism works in principle

  • The websites/content to be protected must be told that they should only be accessible to members of a specific user group and are therefore blocked for the general public.
  • You create the relevant user group in TYPO3 itself, as well as the user logins consisting of login name and password (a single one is often sufficient).
  • In a non-protected website, you place a login form which can be used to log in with one of the user logins. After successful login, the protected pages become visible and can be accessed.

The set-up steps in detail

  1. Firstly, a location is provided for the user group and the user logins: Create a system folder ("Create new page" at the top of the page tree and then drag the "Folder" icon to the very end of the page tree). This folder can be called "Website users", for example, choose a name of your choice. To make it easier to identify between the web pages, you can also give it a person icon in the page properties (tab [Behaviour] → "Use as container").
  2. Click on the new system folder, switch to the Web→List view on the left and click on the plus symbol at the top of the grey header bar to create a new element.
  3. Now select the "Website user group" entry from the list provided - you will later give this group access rights to the pages/content to be protected. The group should bear the name of your institution or end of project as well as an internal suffix, e.g. "School III - internal". This way, the group is always easy to find.
  4. In the same way, create a "Website user" in the system folder and assign it the login/password combination you require for logging in. Also make sure that the user belongs to the website user group created under (3.).
  5. Create a new content element of the type "Registration form" on your homepage or a specially created website (to be found in the [Forms] tab). This form can, for example, be placed in the side column of your homepage or in the main content area of a specially created login page. Internal users will then be able to log in at this point.
  6. Open the newly created login form element for editing. In the [General]→"Extension options"→[General] tab of the login form, please enter the system folder in which the website user and the website user group were created in the "User location" field so that TYPO3 knows where to look to see which logins are permitted here when a login attempt is made.
  7. Now create further websites or content on pages, in whose properties you assign the website user group you created under (3.) as an access-authorised group in the "Access" tab. In this way, you define that the respective page or element is only displayed if you have previously successfully logged in as a member of this group.

    TIP: You can create a topmost protected page and create any other protected pages as subpages. If you now tick "Extend to subpages" in the [Access] tab in the page properties for the top page, all subpages are automatically provided with the same password protection without you having to reassign the website user group each time.

Combination of intranet site and password protection (for external users)?

It may be desirable for a page to be accessible within the university and at the same time for certain external persons to be able to view the content via a password.

A combination of both protection mechanisms ("either one or the other") is not directly possible, but the content of the intranet page can also be displayed on a second page, which can then be password-protected:

  1. The intranet page (page type "UOL Intranet", see description above) should exist first and contain all the desired content.
  2. Now you can create a second page next to it, for which you can set up password protection(see description above). The login form for this must then be placed on a higher-level, unprotected page.
  3. In the page properties of the second page, you can now use the "Replace content" field in the "Appearance" tab by selecting the above-mentioned intranet page. The second, password-protected page thus inherits the content of the intranet page, but is not an intranet page itself.
  4. Tip: The password-protected page should possibly be labelled as "hidden in the menu" so that two quasi-identical pages do not appear in the menu. The link to the password-protected page can be called up directly from the login form (or via any manually created link in a page).

Further options: Several different access rights

  • Several different access rights
    can be created by defining further user groups in the above-mentioned system folder and then assigning certain content elements or pages to these user groups.
    Of course, several users can also be defined in each user group, for example if several people should not have the same login, but each should have their own access.

Protect download documents

Linked media (PDFs etc.) are not automatically protected, but are accessible worldwide by default! If you want to restrict access to these downloads, there are a few points to consider so that such files cannot be found by Google, for example:

Option 1 - Restrict access to internal university retrieval:

  1. Create a subdirectory called _intranet in the file list. The directory must be named exactly like this and begin with an underscore! (For historical reasons, the directory may also be called"internal", but this is no longer recommended).
  2. Load the download files to be protected into this directory.
  3. Based on the directory name, the files are automatically restricted to internal university access. If you try to access such a file from outside the university network instead, you will be asked for your university login in order to authenticate yourself as a university member.
    Example: Internal download file (PDF)

Variant 2 - Access protection using a password

  1. Create a directory called locked in the file list - this name must be exactly the same! Only then is the directory completely sealed off from the outside.
  2. Now upload all download documents (PDFs etc.) to be protected into this directory AND assign the authorised user group to each document uploaded there (see setting up password protection). For this purpose, there is also an "Access" tab in the document properties, which can be edited in the media management using the pencil icon.
  3. To offer such protected download documents in the pages as clickable downloads, you should always use the "File links" content element (found in the "Special" tab when you create a new "New data record" content element). A secure link to the download documents is then generated, which is authorised via the previously completed login.
Internetkoordinator (Changed: 11 Feb 2026)  Kurz-URL:Shortlink: https://uol.de/p15407en
Zum Seitananfang scrollen Scroll to the top of the page

This page contains automatically translated content.