Thumbnail
Automatic Sign Ins

Developed by

Expert
Expert

This add-on allows users to be automatically signed into a site, matching either an IP address, have when they have come from a particular URL (a 'referrer URL') or if they have landed on a particular page of your site.

When installed, a new dashboard menu item is installed under the 'Members' section, called 'Automatic Sign Ins'. This new section allows an administrator to:

  • pick a user
  • select whether to match by IP address, referrer URL, or just by page
  • and either enter in one or more IP addresses to match, and/or IP address ranges
  • or, enter in one or more referrer URLs
  • and/or, select whether the automatic behavior is restricted to a particular page
  • enable or disable the automatic sign in (without having to delete it)

Some example use-cases:

  1. You have some semi-confidential content that you don't want publicly available, but you want users within a business/organisation to be able to access without having to log into the site. You could then specify the IP addresses or IP ranges that should automatically sign in as a user with particular access permissions. E.g. restricting access to certain library materials using a university or school's public IP address.
  2. You want to offer protected content to a group that may have a user account on another site, but don't want to set up logins/single sign-in on your concrete5 site. In this case you could add a link to your protected content within a protected area of the other site and add a link to your protected content - a user will be automatically logged in because they have come from a specified URL (the 'referrer URL').
  3. You may have a section of a website you only wish visitors to be able to access once they have completed a form or other action. Your hidden form 'thank you' page could be set to be the page where automatic login occurs, unlocking further content.

The add-on doesn't prevent administrators or other users from still signing in to a site with their own credentials as the login screen is still able to be accessed.

Cautions:

Please take care when configuring automatic sign ins, as to not accidentally allow access to editing controls or protected content you aren't intending. The add-on will highlight if when the super administrator user or users in the Administrators group is used, but will not stop you from doing so.

Also note that using referrer URLs to protect content is not completely secure - if the referrer URL is recognised as the reason for access, a technically skilled user can perform 'referer spoofing', to pretend they have come from that URL. Therefore it is recommended to not use this add-on to protected highly valuable resources or downloads.

Disclaimer: as per the marketplace licensing, neither concrete5 or Mesuva can not be held accountable for unintended site access through the use or mis-use of this add-on.

 

Current Version: 0.9.4
Fully Translatable: Yes
Needs External Libraries: No
Compatible 8.4.0+
License: Standard
Support Response: Replies to tickets every few days.
Support Hosted: On concrete5.org
Needs extra server permissions: No
Needs Internet: No
Marketplace Tests:
Passed Automated Tests
Passed PRB Review