How do secure zones work?

Updated on 20-October-2016 at 10:16 AM

This article describes the components of secure zones. At the end we will take a look at a few usage scenarios and see what happens if we misconfigure a secure zone and its content.

The landing page

Each secure zone has a corresponding landing page. This is a special page, one per secure zone, to which the site visitor is redirected if the login was successful.

Note: As a best practice, always make sure a secure zone's landing page is secured. Take a look at this section for a more detailed description of what happens if the landing page is not secured.

Generic secure zone login form

When inserting a secure zone login form from the Module Manager, you have the option to choose between an existing secure zone and a Generic secure zone.

The generic secure zone is not a secure zone per se. It cannot secure any content, it does not have a landing page, and you will not see it in the Site Manager -> Secure zones listing. It is very useful for covering some more generic scenarios; for example, a site visitor can be pre-authenticated using a generic secure zone before being granted access to a real secure zone.

Another possible advantage of this type of login is that it does not redirect the user after the login process: the user is left on the same page the generic secure zone login form is inserted into.

The secure zone login form

If you insert the login forms for all the secure zones into a page and switch to the HTML view, you will notice the only difference between them is the ZoneID parameter in the form's "action" attribute. Other than this, all the secure zone login forms are absolutely identical.

The ZoneID parameter indicates which secure zone landing page to redirect the site visitor to if the login is successful. For generic secure zones the value of this parameter is -1, meaning the user will be left on the same page.

Scenarios

1 user, 1 secure zone

To get started, let's take the simplest scenario: a single CRM contact is subscribed to a single secure zone. For this type of scenario we will insert the secure zone login form into the homepage.

After the user logs in using the secure zone login form on the homepage, he will be redirected to the secure zone's landing page. If the login fails, the site visitor will be presented with the "Access denied" system page.

1 user, 2 secure zones

Let's have a look at a slightly more complex setup which may lead to confusion. On the site we have the CRM contact "John" and two secure zones:

  • the first secure zone is "User profiles", its landing page is "/users" and John is subscribed to it
  • the second secure zone is "Premium", its landing page is "/premium" and John is not subscribed to it

Let's insert the secure zone login form for the "User profiles" secure zone into a page. If John logs in using that form and the credentials are correct, John will be redirected to "/users".

What if John incorrectly uses the "Premium" login form to log in? This is usually where the confusion happens. One would expect John to be prompted with the Access denied page because he is not subscribed to Premium.

What will happen is that the system will check John's credentials and, if they are correct, he will be redirected to the secure zone's landing page. The system will try to open "/premium"; however, because John does not have access to that secure zone, he will get the Access denied system page.

2 users, 2 secure zones

Let's take a look at an even more complex setup:

Two secure zones:

  • the first secure zone is "User profiles", its landing page is "/users"
  • the second secure zone is "Premium", its landing page is "/premium". The "/premium" page, however, is not secured in the "Premium" secure zone.

Two CRM contacts:

  • John is subscribed to the "User profiles" secure zone
  • Victor is subscribed to both secure zones

Three login forms:

  • a generic secure zone login form
  • a login form for "User profiles"
  • a login form for "Premium"

Here are a few possible combinations and the explanation for the behavior:

  • John logs in using the "User profiles" login form. He is authenticated and redirected to "/users"
  • Victor logs in using the "generic secure zone" login form. If the credentials entered are correct he will be authenticated but will not be redirected anywhere; he will remain on the same page
  • John logs in using the "Premium" login form. He will be redirected to the "/premium" landing page. Is the landing page in a secure zone? If not, John will be redirected and will see the secure zone's landing page, even though he used the login form of a secure zone he does not have access to, because that page is not secured.

Conclusion

In conclusion, the secure zone login form merely checks a user's credentials. If those are correct, the system tries to redirect the now authenticated site visitor to the landing page associated with the secure zone login form he used. Only at that point, if the page is secured by a secure zone the site visitor does not have access to, is the Access denied system page shown.

Similarly, if the user is authenticated correctly and tries to access a secured page that is not in any secure zone he has access to, he will get the "Access denied" message.

The secure zone login mechanism only confirms that the credentials used are correct. After the user is authenticated, access depends on whether the resource he tries to open is added to at least one secure zone the currently logged-in user has access to.
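
The behavior described in the scenarios and the conclusion can be modeled in a few lines. The following is an added example, not the platform's own code: the zone ids, passwords and function names are assumptions, and the data mirrors the last scenario. It also includes the check an administrator would run to find landing pages that are not secured.

```python
import hmac

GENERIC_ZONE_ID = -1  # generic secure zone: no landing page, no redirect

# Constructed data for the "2 users, 2 secure zones" scenario; zone ids are hypothetical.
ZONES = {
    1: {"name": "User profiles", "landing": "/users", "pages": {"/users"}},
    2: {"name": "Premium", "landing": "/premium", "pages": set()},  # landing page not secured
}
USERS = {  # constructed credentials and subscriptions
    "john": {"password": "j-pass", "zones": {1}},
    "victor": {"password": "v-pass", "zones": {1, 2}},
}

def can_view(user, path):
    """Page-level check, independent of which login form was used."""
    securing = {zid for zid, zone in ZONES.items() if path in zone["pages"]}
    if not securing:
        return True  # the page is in no secure zone, so it is public
    return user is not None and bool(securing & USERS[user]["zones"])

def login(user, password, zone_id, current_page):
    """Login form submit: checks credentials only, then redirects by ZoneID."""
    account = USERS.get(user)
    if account is None or not hmac.compare_digest(account["password"], password):
        return "Access denied"
    if zone_id == GENERIC_ZONE_ID:
        target = current_page  # the visitor stays where the form is
    else:
        target = ZONES[zone_id]["landing"]
    # Zone membership only matters here, when the target page is opened.
    return target if can_view(user, target) else "Access denied"

def unsecured_landing_pages():
    """Audit: names of zones whose landing page is not secured by the zone."""
    return [z["name"] for z in ZONES.values() if z["landing"] not in z["pages"]]

if __name__ == "__main__":
    print(login("john", "j-pass", 1, "/"))                     # /users
    print(login("victor", "v-pass", GENERIC_ZONE_ID, "/home")) # /home
    print(login("john", "j-pass", 2, "/"))                     # /premium (misconfigured)
    print(unsecured_landing_pages())                           # ['Premium']
```

Adding "/premium" to the "Premium" zone's pages makes the audit return an empty list and turns John's third login into "Access denied", while Victor still reaches "/premium".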