Ektron 9.00
You can set up your Ektron website in the following ways. You decide which configuration is the best fit for your particular situation.
Use Ektron’s approval process and scheduled publishing of content to manage when content goes live.
To set up this configuration:
http://www.example.com
, and the development/staging site is http://www.example.com:8080
.www.example.com\Workarea\applicationAPI.asp
and dev.example.com\Workarea\applicationAPI.asp
.uploadedimages/
and uploadedfiles/
folders IIS virtual directories that point to the same physical directory.To test and QA an upgrade, make a temporary copy of the site’s display layer on a separate server connected to the development/staging database.
If the development/staging database is the master, back it up before upgrading.
To set up this configuration:
http://www.example.com
, and the development/staging site is http://www.example.com:8080
. uploadedimages/
and uploadedfiles/
folders IIS virtual directories point to the same physical directory.
To set up this configuration:
To set up this configuration:
www.example.com\Workarea\applicationAPI.asp
and dev.example.com\Workarea\applicationAPI.asp
.uploadedimages/
and uploadedfiles/
folders IIS virtual directories point to the same physical directory.When your project is ready to be tested in house, move the site to a staging server. When the project is ready to go live, move the site to a production (live) server. You can use the same database for all environments. Back up that database often to keep it safe. Alternatively, create a separate database for each server.
To create new environments:
C:/cmsstage
and/or C:/cmsproduct
.http://stage.example.com
points to c:/cmsstage
and http://www.example.com
points to c:/cmsproduct.
c:/assetcatalog
and c:/assetlibrary
folders to the other servers.web.config
. Then, update the database connection information so that it points to the new databases.siteroot/web.config
file.<add key="ek_UseSSL" value="false" /> <add key="ek_SSL_Port" value="443" />
ek_UseSSL
to true.WARNING! If ek_UseSSL
is true, but you did not install the certificate to the Web Server, you cannot log into Ektron.
ek_SSL_Port
to 443
(unless you specified another SSL port).<add key="WSPath" value="http://server name/site name/Workarea/ServerControlWS.asmx" />
Ektron’s web.config
file lets you control many key functions of your content management system. When you install Ektron, web.config
is placed into webroot/siteroot
.
If your server is currently running another .NET application, you must merge that web.config
file with this one. To distinguish Ektron’s tags, they begin with ek_
and reside within the <appSettings>
tags of the web.config
file.
The following sections show the settings in the web.config
file.
Analytics
For SQL Server—Use this connection string to define an SQL server.
ektron.DbConnection
System.Data.SqlClient
NOTE: This value can be blank if you are using Windows authentication.
NOTE: This value can be blank if you are using Windows authentication.
IMPORTANT: After changing any database settings, you must stop and restart the Ektron Windows Service. See Also: Handling Background Processing Functions with the Ektron Windows Service
webroot/cms400Min/workarea/
. So, by default, this folder is set to webroot/cms400Min/workarea/images/application/
.webroot/cms400Min/workarea/
. So, by default, this folder is set to webroot/cms400Min/workarea/Xslt
.ek_RedirectToLoginURL
key sends the user from a forum page to a login page and back to the previous page. For example, a user tries to reply to a forum post, but the user is not logged in. The user is sent to the login page and then returned to the original page.
For example, you visit a community group’s page and click Private Message Admin. You are directed to the private message screen. When you click post, you are returned to the community group’s page. For additional information, see Server Control Reference.
.aspx,.htm,.html
. By default, the list contains.aspx
. See Also: Creating User-Friendly URLs with AliasingNOTE: You can enter one or more extensions. Each extension must begin with a period, and the last extension must be followed by a comma (,).
NOTE: This key has been removed from the web.config
file. However, you can still use this key by adding it between the <appSettings>
tags. For example, <add key=”ek_TreeModel” value=”0”>
changes the folder tree in the Workarea back to legacy.
ek_sitePath
path is prefixed to this location. You would only change this value if you want to move the location of the xml files relative to the Web root.Active Directory Server Configuration
See Using Active Directory with Ektron
NOTE: This setting only works if ek_UserMenuType
is set to zero (0).
See Also: Working with Ektron Content
See Also: Enabling/Disabling Support for Multiple Language Content
<img src=””…/>
and <href….
references point to server named here instead of the local one.Machine Translation
Lets you enter the path to the Google Translation Service API key. See Also: Enabling Machine Translation
ek_appPath
value. By default, ek_appPath
is set to webroot/CMS400Min
. So, by default, this folder is set to webroot/CMS400Min/assets
.NOTE: Users can upload any amount of files. The system handles them 4 at a time.
http://documentation.ektron.com/cms400/v[ek_cmsversion]/webhelp
Change this path if you install help files on local servers. See Also: Installing Help Files on a Local Server.
false
. If set to true
, when a user inserts a quicklink, Ektron inserts a special link instead of a quicklink. A special link determines the correct quicklink to use when a site visitor clicks it. For example, a user adds a content block to folder A. A quicklink to that content is a.aspx?id=10
. Later, if an administrator changes the folder’s template but doesn’t update the quicklink within the content block, the quicklink is broken. To avoid this problem, enable link management.Page 1 of 2
[First Page] [Previous Page] [Next Page] [Last Page]
NOTE: The above text changes depending on the page you are viewing.
<table>
tags create the border. If the border looks wrong or inappropriate, change setting to div. If you do, <div>
tags are used to draw the border instead of <table>
tags. This change typically solves the problem.WARNING! Do not change the default currency or measurement system after your eCommerce site is live.
See Also: Managing Multimedia Assets
add verb="*" path="*.png" type="URLRewrite.StaticFileHandler,
Ektron.Cms.URLRewriter" />
This section explains how to migrate your website to Ektron, as follows.
http://localhost/siteroot/default.aspx
If you can browse the starter site and it works properly, Ektron is properly installed.
Best Practice
You should keep a working version of the starter site to help you debug problems. For example, if you encounter errors on your site, you can refer to the starter site to see if the same errors occur. If they do, that may indicate a problem with the installation. If they do not, the installation is probably OK and an external factor is causing the problem.
NOTE: You can use the Site Setup utility to perform these tasks by choosing Start > Programs > Ektron > CMS400 > Utilities > Site Setup. See Installing a Site.
siteroot/workarea
folder into your site’s folder. These files operate the workarea, library, and content functions.web.config
file that installed to the directory to which you installed Ektron. Edit that file and update the information between the <ConnectionString> tags to point to your: server, database, user, and pwd.NOTE: If you are using SSL, the settings you need to modify are explained in Installing Ektron.
As you create folders, you can assign a default template and style sheet. The default template is used when a new content block is created and Ektron creates a Quicklink that points to the new content block. If you do not provide a default template, it is inherited from the parent folder.
After creating the folders, assign permissions and approvals to them. Permissions can be assigned to a user or a user group. The same is true for the approval process.
Best Practice
Limit permissions for the “Everyone” group, as this gives every user permissions to content. Similarly, limit the “Everyone” group’s inclusion in the approval chainA series of users or user groups who must approve content before it can be published. to restrict which users can publish content.
Best Practice
Because dynamic templates include URL parameters, make each main landing page and other important pages static tags. This makes it easier for you to remember if you need to provide that link to someone.
For instance, each main landing page from your home page could use the static tag. Then, as you go deeper into that section, subsequent pages use a dynamic tag.
NOTE: All images and files must be uploaded and inserted into the content separately.
After installing Ektron, it is easy to create another site. While creating the new site, you can create a sample or minimal site and database. To create a site for your content, you typically install a minimal site and database, then create your Web page templates. Later, add users and content.
CMS400Min.sln.
At this point, you can build the project and log in. If you cannot log in because you have not set up the license key, use the builtin account: by default, the username is builtin and password is builtin.
IMPORTANT: You should only use the builtin account temporarily. As soon as possible, you should insert the license key and log in under a user name assigned in Ektron.
To learn about creating templates and using server controla server control uses API language to interact with the CMS and Framework UI to display the output. A server control can be dragged and dropped onto a Web form and then modified.s, see Working with Ektron Server Controls.
Ektron’s multi-site support feature lets you set up and manage several websites under one CMS. (The multi-site support feature does not support multiple databases.) You can manage content in the additional site the same way you work with content in the root site. You log into a root site then begin editing content in the additional site. Regardless of which site you are using, you can use the common library to insert hyperlinks, images, files, and quicklinks.
IMPORTANT: Place any file (such as an XSLTExtensible Stylesheet Language Transformations file) that needs to be shared among sites in a multi-site environment in a virtual folder. Also, you cannot create a hyperlink within content, a collectionA list of Ektron content links for display on a Web page., menu, and so on to a form that resides in another site.
- All sites reside on the same server
- Each site requires a multi-site license key. To purchase additional licenses, contact Ektron sales.
Advantages of multi-site configurations:
In the Workarea, sites appear in Ektron’s folder structure, and their icon is a globe. A folder to which a production domain is assigned is a domain folder. Links to content in a domain folder are activated via linkit.aspx
, which redirects to the appropriate domain name and uses the appropriate template for the folder or content.
There are 2 ways to install multi-site support. (The automatic setup is easy to use and minimizes issues.)
IMPORTANT: Before creating a multi-site configuration, you must have installed an Ektron website. All installed folders must remain in that site. The original site cannot have virtual folders.
C:\Program Files (x86)\Ektron\CMS400vxx\Utilities\MultiSiteInstall\Multisite.exe
.NOTE: Site folders must reside within the site root folder.
Ektron provides a utility (Multisite.exe
) that automatically completes Steps 1 and 2 for you. If you run this utility, you only need to complete Step 3. The utility is located C:\Program Files\Ektron\CMS400vxx\Utilities\MultiSiteInstall
.
IMPORTANT: Before creating a multi-site configuration, you must have installed an Ektron website. All installed folders must remain in that site. The original site cannot have virtual folders.
C:\Inetpub\wwwroot
folder..config
files in all directories under the site rootweb.config
file and update the ek_sitePath
and WSPath
elements with your Ektron site path.For example, if your Ektron site is in the website root, enter slash (/). If it is in a subdirectory of the website, enter the subdirectory name. For example, if the website root is C:\inetpub\wwwroot
and you have a subdirectory called CMS400Min, enter CMS400Min
as the site path.
In IIS, for each new website, create one new virtual folder for the following shared folders:
These folders are created when you install Ektron. If you did a normal installation, they reside under the site directory. For example, C:\Inetpub\wwwroot\siteroot\uploadedimages
.
To create virtual versions of these folders, see the following section.
aspnet_isapi.dll
file.C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll
.NOTE: Site folders must reside within the site root folder.
NOTE: This text is adapted from Microsoft’s IIS help.
IIS lets you create multiple websites on a single server.
Adding a website to a server requires careful preparation before running the Website Creation Wizard. Consider these recommendations.
If you use a non-standard TCP port number to identify a new website for special situations (such as a private website for development/testing), select a TCP port number above 1023. In this way, the number does not conflict with well-known port numbers assigned by the Internet Assigned Numbers Authority. (For more information about IANA and port assignments, see List of TCP and UDP port numbers
.)
To organize home directories for multiple websites on one server, create a top-level directory for all home directories, then subdirectories for each site.
You can create a home directory
You can also create virtual directories that map to physical directories. For more information, see “Setting Home Directories” and “Using Virtual Directories” in IIS help.
IIS provides 2 methods for adding a new website.
iisweb.vbs
command-line script IMPORTANT: You must be a member of the Administrators group on the local computer to perform the following procedure (or procedures), or you must have been delegated the appropriate authority. As a security best practice, log on to your computer using an account that is not in the Administrators group, and then use the Run as command to run IIS Manager as an administrator. From the command prompt, type runas /user:administrative_accountname "mmc %systemroot%\system32\inetsrv\iis.msc".
To add a site, use the following syntax:
appcmd add site /name: string /id: uint /physicalPath: string /bindings: string
The variable namestring is the name, and the variable iduint is the unsigned integer that you want to assign to the site. The variables namestring and iduint are the only variables that are required when you add a site in Appcmd.exe.
NOTE: If you add a site without specifying values for the bindings and physicalPath attributes, the site will not be able to start.
The variable physicalPathstring is the path of the site content in the file system.
The variable bindingsstring contains information that is used to access the site, and it should be in the form of protocol/IP_address:port:host_header
. For example, a website binding is the combination of protocol, IP address, port, and host header. A binding of http/*:85:
enables a website to listen for HTTP requests on port 85 for all IP addresses and domain names (also known as host headers or host names). On the other hand, a binding of http/*:85:marketing.contoso.com
enables a website to listen for HTTP requests on port 85 for all IP addresses and the domain name marketing.contoso.com
.
To add a website named contoso with an ID of 2 that has content in c:\contoso, and that listens for HTTP requests on port 85 for all IP addresses and a domain name of marketing.contoso.com, type the following at the command prompt, and then press Enter.
appcmd add site /name: contoso /id:2 /physicalPath: c:\contoso /bindings:http/*:85: marketing.contoso.com
See Also: Appcmd.exe (IIS 7).
Load Balancing has 2 purposes:
To enable load balancing, set up several servers that include the same files.
IMPORTANT: The physical path to the Ektron website must be the same on all servers being load balanced. Also, sticky sessions must be enabled.
Then, purchase load balancing equipment to evenly distribute content requests among the servers. Whenever an image or file gets uploaded to your website, regardless of the Web server the user is working on, the assetan external file, such as a Microsoft Word document or image, stored in Ektron. It can be managed like native Ektron content. is replicated on both servers.
The client browser is unaware that more than one server is involved. All URLs point to a single website. The load balance software resolves them.
Ektron provides different strategies for load balancing library images and files and DMSDocument Management System; Ektron's way of managing assets (Microsoft Office files and other types of files) assets.
See Also: eSync in a Load Balanced Environment
Library load balancing is important when your configuration consists of 2 or more websites that share one database. Library files are not saved in the database but in the site root folders uploadedfiles
and uploadedimages
.
To support load balancing, library files on all servers must be identical. To maintain this state, whenever a user uploads an item to the library, it is replicated on all other servers. After following the setup instructions, whenever an image or file is added to the library of one server, it is copied to the corresponding folder on other servers in the configuration.
C:\Program Files\Ektron\EktronWindowsService40\Ektron.ASM.EktronServices40.exe.config
using a word processor such as Notepad.LibraryLoadBalanced
property to 1.LoadBalServerCount
property to the number of servers in your load balance cluster.See Also: Handling Background Processing Functions with the Ektron Windows Service
Asset load balancing is important when your configuration consists of 2 or more websites that share one database. Ektron balances requests to work with assetan external file, such as a Microsoft Word document or image, stored in Ektron. It can be managed like native Ektron content.s from multiple servers by ensuring that each server has a copy of every asset.
After setting up asset load balancing, any asset added to one server is copied to the corresponding folder on other servers in the configuration. There is no limit to the number of servers that can be load balanced.
The following list shows the load balance settings summary on all servers.
<webroot>\AssetManagement.config
c:\Program Files\Ektron\Ektron.ASM.EktronServices40\
Ektron.ASM.EktronServices40.exe.config
Where x is the number of servers in load balanced configuration
To set up load balancing for assets, follow these steps on all servers that are load balanced together.
AssetManagement.config
file using a word processor such as Notepad. LoadBalanced
element to 1.C:\Program Files\Ektron\EktronWindowsservice40\
Ektron.ASM.EktronServices40.exe.config
LibraryLoadBalanced
property to 1.LoadBalServerCount
property to the number of servers in your load balance cluster.Prerequisite
You must be a member of the Administrators group.
Asset and Library files may become out-of-date or lost due to equipment failures, power outages, or other events. In addition to your Load Balance system, Ektron provides a way to refresh the files contained in the DMS Assets folders and Library Files and Images folders.
NOTE: Open Port 8732 on load balanced servers for load balancing refresh to work properly.
IMPORTANT: Previously, Ektron used Port 6079 for communication between load balancing servers. Starting with version 8.01, this port is no longer used and can be closed in your firewall.
To refresh the load balanced files:
IMPORTANT: If you click Start and the screen quickly returns and files do not refresh, or if a server is missing from the status list, check your Load Balancing settings in Ektron.ASM.EKtronServices40.exe.config
.
To check the Load Balancing Status, click the Scroll button.
The Status screen shows the Load Balancing screen showing either the previous refresh or the current refresh in progress.
You may want to move an Ektron website to a new folder or another server. For example, you complete work on a site that resides on a development server and want to move it to a production server. The original site’s folder is called the source directory, and the new site’s folder is called the destination directory. The directories can reside on the same server or different ones.
You perform a move in the following cases:
NOTE: Ektron eSync feature automatically pushes new and updated site files to a production server. eSync is especially useful when your site contains sensitive information (for example, pricing) that needs to be carefully reviewed for quality assurance before it goes live. Use the eSync feature when you are moving a site from staging to production, or distributing a site among load-balanced servers. For more information, see Synchronizing Servers Using eSync.
To move a site to another server or directory:
C:\Program Files (x86)\Ektron\CMS400vxx\Utilities\PackageSite
.C:\Program Files (x86)\Ektron\CMS400vxx\startersites
folder.NOTE: If you are moving the site to another directory on the same server, paste the folder created by the Package Site utility to the server's C:\Program Files (x86)\Ektron\CMS400vxx\startersites
folder. Also, you can skip Step 5.
IMPORTANT: If the database in the site that you want to copy exceeds 1 gigabyte, you can follow the steps above. However, if site packager fails to create the database script, it throws an error. If this happens, proceed with the installation of the other components. Then, use SQL's database backup function to copy the original database and restore it to the new server.
The installation automatically sets up user permissions based on data collected during setup. However, if there is a problem with user permissions, this section describes how to install manually.
NOTE: If you are using SQL Authentication, you only need to set up the SQL user. If you are using Windows Authentication, you need to set up IUSR and an IIS_WPG or Network Service user.
NOTE: Before doing this, review your users and their permissions. Adjust as necessary for your configuration. Also, if you use Windows Authentication and all users are domain users (and the database administrator wants it this way), you may not have to perform this step.
C:\Program Files\Ektron\CMS400vnn\Utilities\SiteSetup\Database\cms400_permissions.sql
. (nn represents the release number)[MACHINENAME or DOMAINNAME\USERNAME]
with your domain name, backslash (\), and ASPNET (the ASP.NET machine account). For example, [ws10080\ASPNET]
. NOTE: If you are using Microsoft Windows 2003 Server or Microsoft Widows Vista, the user is IIS_WPG
. For example, [ws10080\IIS_WPG]
. If you are using Microsoft Windows 2008 Server, the user is Network Service
.
[ws10080\IUSR_ws10080]
. Click Execute Query ().Microsoft’s SMTPSimple Mail Transport Protocol; an internet standard for electronic mail. service sends an email to notify a user when a task (such as approving a content block or submitting a form) was performed or needs to be performed. This section explains how to enable email notification in Ektron.
NOTE: To learn about email notification for Web Alerts, see Sending Web Alert Emails to Subscribers.
To process email, Ektron uses CDOSYS. Using Simple Mail Transport Protocol (SMTPSimple Mail Transport Protocol; an internet standard for electronic mail.) and the Network News Transfer Protocol (NNTPNetwork News Transfer Protocol; used for transporting Usenet articles between news servers.) standards, CDOSYS enables Windows applications to route e-mail and USENET-style news posts across multiple platforms. CDOSYS lets authors create and view sophisticated emails using HTML and data sources.
NOTE: If the SMTP server that processes email does not find CDOSYS installed, it tries to use CDONTS as a mail server protocol.
For CDOSYS to work, set up the SMTPSimple Mail Transport Protocol; an internet standard for electronic mail. server on your Ektron server or a remote system that sends and receives email. Generally, it is good practice to run SMTP on a server separate from your Web server. However, your Web server must relay the email messages to your SMTP server.
NOTE: To access an SMTP server on a local or remote system, consult your organization's email administrator.
“ek_SMTPServer" value=“localhost” “ek_SMTPServer" value=“127.0.0.1” “ek_SMTPServer" value=“myname”
“ek_SMTPServer" value=“smtp.example.com” “ek_SMTPServer" value=“example.com”
Use this article to configure SMTP in IIS7: Configuring SMTP E-mail in IIS 7
Next, configure Ektron to use SMTPSimple Mail Transport Protocol; an internet standard for electronic mail..
siteroot/web.config
file.<!-- SMTP Server configuration --> <add key="ek_SMTPServer" value="localhost" /> <add key="ek_SMTPPort" value="25" /> <add key="ek_SMTPUser" value="" /> <add key="ek_SMTPPass" value="" />
ek_SMTPServer
value. ek_SMTPPort
to the port your system will access to retrieve email. In most cases, the port is set to 25. If that is not the case, see your System Administrator.ek_SMTPUser
to the username that is set up for the SMTP Server to send and receive email. Typically, the username takes the form of an email address, such as
"ek_SMTPUser" value="yourname@example.com"
."ek_SMTPPass"
value to the password that is set up for the SMTP server to send and receive email. This password is based on the basic authentication. By default, Ektron only accepts encrypted passwords.C:\Program Files (x86)\Ektron\CMS400vxx\Utilities
EncryptEmailPassword.exe
. The Encrypt Utility dialog appears. web.config
file's "ek_SMTPPass" value
.When submitting a form or a content block in an approval process, if you get an error message listed below, it is generated by the SMTPSimple Mail Transport Protocol; an internet standard for electronic mail. server on which you set up the mail system, not by Ektron.
Ektron's automated system sends email to proper users when an action has been, or needs to be, performed. See Also: Customizing Ektron email with Variables.
Email is generated when any of the following actions takes place.
To be notified of these actions, the following must be set:
See Also: General Tab
See Also: Managing Users and User Groups
The Tasks feature also has automatic email notification. See Setting Up Task Types and Categories for Filtering Task Reports.
Ektron can send email notification to users, informing them that actions have taken place or are requested of them. For example, a content contributor receives an email that the contributor's content was published. These emails are stored in resource files, where each email consists of one string for the subject and one for the body. To learn about editing the resource file, see Translating the Workarea.
Each message is called in the presentation layer by its message title. Ektron does not support HTML email, however the message text is fully customizable.
The body of an email can include variables, located between @ symbols. Ektron replaces them with the information for that instance of the email. For example, @appContentTitle@ in the following sentence is replaced with the email’s title.
You can customize the emails, move the variables, add text, rewrite and reorganize.
Carriage Return/Line Feeds are represented by @appCRLF@. These cause the email to move down one line. For example:
Thank you!
Ektron email variables are specialized for the type of email message you need to send.
NOTE: You must be logged in to see the changes.
Click <a href=http://www.example.com/register.aspx&fInvId=@appInviteId@>here</a> to accept.
NOTE: You must be logged in to see the changes.
You can insert these membership variables into the confirmation message.
The list shows variables you can use to customize email messages. When the email is sent, the corresponding description replaces the variable.
NOTE: You must be logged in to see the changes.
Message Title: email subject: content changes approved.
Message Text: Content changes have been approved.
Message Title: email subject: content has been changed.
Message Text: Content changes have been made.
Message Title: email subject: approval request declined.
Message Text: Content approval request declined.
Message Title: email subject: content deletion approved.
Message Text: Deletion of content has been approved.
Message Title: email subject: content has been deleted.
Message Text: Content has been deleted.
Message Title: email subject: request for approval.
Message Text: Request for content approval.
In addition to automatic email, Ektron lets you email a user or user group from many screens. An email icon () next to a user or group name or on the toolbar indicates your ability to do this. Screens in the following Ektron features support instant email.
When you click one or more user/group names then the toolbar's email icon, the email screen appears.
NOTE: The email software must be configured for your server. See Enabling Email Notification.
When the email screen appears, the following information is copied from Ektron into the email.
This section describes how to log in and out, restrict login attempts, and manage passwords.
You must acquire the following before you can log into Ektron and manage website content.
To sign on to an Ektron site:
If you are using one of Ektron’s sample sites, you can use any of 3 standard users that demonstrate Ektron’s flexible user-permissions model.
admin
; Password: admin
; Permissions: Alljedit
; Password: jedit
; Permissions: Basic (for example, add/edit content, manage library files, and so on)jmember
; Password: jmember
; Permissions: Read-only permission to private contentEktron has a login security feature that locks out a user after 5 unsuccessful attempts to log in on one computer. You control login security by changing the ek_loginAttempts
element in the web.config
file.
IMPORTANT: If you want your Ektron eCommerce feature to comply with PA DSSPayment Application Data Security Standard; for software vendors that develop payment applications. certification, the ek_loginAttempts
value must be between 1 and 6.
You can control the following capabilities.
If a user unsuccessfully tries to log in 5 times, this error appears: The account is locked. Please contact your administrator. Afterwards, even if the user enters the correct password, the user is locked out.
NOTE: You can change the error message text in the resource file. See Also: Translating the Workarea.
To change the number of login attempts prior to lockout, edit the ek_loginAttempts
element in the siteroot/web.config
file. For example, to allow 3 unsuccessful logins before lockout, change the value
to 3. You can enter a value of up to 254.
To disable the Login Attempts feature, set the value of the ek_loginAttempts
element in the web.config
file to -1. If you do, any user can try to log in as many times as the user wants. The error message never appears, and the user is not prevented from entering a password.
NOTE: Setting the ek_loginAttempts
element in the web.config
file to -1 unlocks all locked accounts.
When an account is locked out, the Account Locked field is checked on the Edit User screen.
To unlock the account, an administrator user (or a user assigned to the user-admin role) accesses the Edit User screen and unchecks the box. At this point, the user can sign in again.
NOTE: To unlock all users, set the ek_login Attempts
element in the siteroot/web.config
file to -1. See Also: Disabling the Login Attempts Feature.
You can use the Account Locked field to manually lock a user out of Ektron.
That user cannot sign in until either you uncheck the box or change the value of the ek_loginAttempts
element in the web.config
file to -1.
You can change the images used for the login and logout buttons. To do so:
web.config
file in your website’s root directory. <add key="ek_Image_1" value="btn_close.png" /> <add key="ek_Image_2" value="btn_login.png" /> <add key="ek_Image_3" value="btn_login_big.png" />
NOTE: You must update the images and web.config
whenever you upgrade Ektron.
You may find that in certain browsers, the login screen occupies the entire browser window instead of just a small box. Browsers such as Internet Explorer 8 and Firefox have a feature called tabs. When the login window pops up, it may appear as a new tab. You can change this behavior by turning off tabs within the browser.
This section's topics relate to managing passwords.
The builtin user is an emergency user to use if you cannot log into Ektron as an administrator. The builtin username and password are defined in Ektron's setup screen.
The builtin user can log in to Ektron whether or not Active Directory or LDAPLightweight Directory Access Protocol; permits access to distributed information. is enabled. The builtin user's default username/password combination is builtin
/builtin
. For security reasons, change them during installation.
If you log into the Workarea as the builtin user, you can access only the following screens on the Settings tab.
WARNING! Use the builtin user only to correct a bad or expired license key. It is not designed for regular Ektron operations. If you try to edit content while signed in as a builtin user, you will generate errors.
If the builtin user password was changed and you don’t know it, you cannot sign in. In this case, use the BuiltinAccountReset.exe utility, which resets the username/password to builtin
/builtin
. This utility is located in C:\Program Files\Ektron\CMS400versionnumber\Utilities
.
Ektron has a password security feature that forces an administrator or user with the Commerce Admin role to change the password at least every 90 days. This feature is only enabled if the ek_ecom_ComplianceMode
key in the site’s web.config
file is set to true.
When you go 85 days without changing your password, a dialog box appears upon the next log-in, asking you to change the password. If you do not want to do so at that time, click Skip. You can this for the next 5 days. After 90 days have passed, you must change your password before you can log into Ektron.
Ektron has a password security feature that automatically logs out an administrator or user with the Commerce Admin role after 15 minutes of inactivity. Activity is based on requests made to the server.
This feature is enabled when the site’s web.config
file‘s ek_ecom_ComplianceMode
key is set to true
. In addition, if you are using IIS7Internet Information Services (IIS) for Windows® Server, version 7, the line in red below needs to appear between the <modules>
tags in the web.config
file. This line is a part of the default install. You should make sure it has not been removed.
<modules> <add name="MyDigestAuthenticationModule" type="Ektron.ASM.EkHttpDavHandler.Security.DigestAuthenticationModule, Ektron.ASM.EkHttpDavHandler" /> <add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=1.0.61025.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="integratedMode" /> <add name="EkUrlAliasModule" type="UrlAliasingModule" preCondition="integratedMode" /> </modules>
Ektron has a password security feature that forces an administrator or user with the Commerce Admin role to use at least 7 characters in a password. Further, the password must contain at least one alphabetic and one numeric character.
This feature is enabled only when the ek_ecom_ComplianceMode
key in the site’s web.config
file is set to true
.
Ektron has a password security feature that forces an administrator or user with the Commerce Admin role to create a password that does not match the person's previous 4 passwords. This feature is enabled only when site’s web.config
file has the ek_ecom_ComplianceMode
key is set to true
and the ek_ecom_PasswordHistory
key is set to at least 4.
You can set ek_ecom_PasswordHistory
to a number higher than 4 if you want a higher level of security. If you set this key to less than 4 and the ek_ecom_ComplianceMode key
is set to true
, Ektron enforces at least 4.
The Ektron password validation provider lets developers create custom password validation strategies for Ektron. These providers can enforce custom password rules inside the system, beyond the out-of-box capabilities.
This section explains how to create a custom password validation provider for Ektron.
using System; using System.Collections; using System.Configuration.Provider; using Microsoft.Practices.EnterpriseLibrary.Validation; using Ektron.Cms; using Ektron.Cms.Common; using Ektron.Cms.Commerce; using Ektron.Cms.Commerce.PasswordValidation.Provider; using System.Collections.Generic; using System.Text; using System.Text.RegularExpressions;
Ektron.Cms.Extensibility.Commerce.Samples
, rename your class to CustomPasswordProvider
, and inherit from the Ektron.Cms.Commerce.PasswordValidation.Provider.PasswordValidationProvider
class and the Ektron.Cms.Commerce.IPasswordValidation
interface.namespace Ektron.Cms.Extensibility.Commerce.Samples { public class CustomPasswordProvider : Ektron.Cms.Commerce.PasswordValidation.Provider.PasswordValidationProvider, Ektron.Cms.Commerce.IPasswordValidation
#region constructor, member variables public CustomPasswordProvider() { } #endregion
GetRegexFor
methods required by the PasswordValidationProvider
base class. These methods return the RegExregular expression; an alias that creates a pattern. For example, blogs.aspx?blogmonth=3&blogyear=2012&blogid=41 can be a RegEx blogs/2012/03/41. From that, a site visitor can infer blogs/2012/03/40 to see the previous post, or enter blogs/2012/03 to see all March 2012 postss that will validate passwords in Ektron for specific user types.NOTE: This example enforces a minimal requirement for authors/members, and adds a length and diversity requirement for administrators.
#region public methods public override string GetRegexForAdmin() { return "[/.{7}/, Password must contain at least seven characters] " + ",[/[0-9]+/, Password must contain at least one number] " + ",[/[a-zA-Z]+/, Password must contain at least one alphabetical character] " + ",[/^[^ \t'\"%#]+$/, Password cannot contain spaces, tabs, single-quotes, double-quotes, percent-signs, or pound-signs]"; } public override string GetRegexForAuthor() { return "[/.{1}/, Password too short]" + ",[/^[^ \t'\"%#]+$/, Password cannot contain spaces, tabs, single-quotes, double-quotes, percent-signs, or pound-signs]"; } public override string GetRegexForCommerceAdmin() { return "[/.{1}/, Password too short]" + ",[/^[^ \t'\"%#]+$/, Password cannot contain spaces, tabs, single-quotes, double-quotes, percent-signs, or pound-signs]"; } public override string GetRegexForMember() { return "[/.{1}/, Password too short]" + ",[/^[^ \t'\"%#]+$/, Password cannot contain spaces, tabs, single-quotes, double-quotes, percent-signs, or pound-signs]"; } #endregion
ValidateFor
methods, which use the regexs to validate passwords. We use the generic function Validate
to which we pass parameters.public override ValidationResults ValidateForAdmin(string password) { return Validate(password, GetRegexForAdmin()); } public override ValidationResults ValidateForAuthor(string password) { return Validate(password, GetRegexForAuthor()); } public override ValidationResults ValidateForCommerceAdmin(string password) { return Validate(password, GetRegexForCommerceAdmin()); } public override ValidationResults ValidateForMember(string password) { return Validate(password, GetRegexForMember()); } protected ValidationResults Validate(string password, string regexErrorMessage) { ValidationResults results = new ValidationResults(); string regex, errorMessage; string[] parts; string[] raw = regexErrorMessage.TrimStart('[').TrimEnd(']') .Split(new string[] { "],[" }, StringSplitOptions.None); foreach (string combined in raw) { parts = combined.Split(new string[] { "/," }, StringSplitOptions.None); regex = parts[0].Trim('/'); errorMessage = parts[1].Trim().TrimStart('"').TrimEnd('"'); if (!Regex.IsMatch(password, regex)) { results.AddResult(new ValidationResult(errorMessage, this, "", "", null)); } } return results; }
NOTE: The system handles password expiration dates. Setting PasswordExpirationEnabled and RequiresPasswordExpiration tells Ektron to check and enforce those values.
NOTE: When compliance mode is on, password validation cannot be disabled.
public override bool PasswordExpirationEnabled() { return RequestInformation.CommerceSettings.ComplianceMode; } public override bool RequiresPasswordExpiration(long userId) { return (userId == 1); }
siteroot/web.config
file lets you manage password providers within Ektron. passwordValidationProvider
section in the web.config
file. <providers>
key.<passwordValidationProvider
defaultProvider="CustomPasswordProvider">
<providers>
<add name="CustomPasswordProvider"
type="Ektron.Cms.Extensibility.Commerce.Samples
.CustomPasswordProvider, CustomPasswordProvider" />
</providers>
</shipmentProvider>
Facebook Login, an alternative to Ektron's standard login, lets users log in using their Facebook username and password instead of creating an Ektron username and password. Here is an example of Facebook Login control.
This control lets Membership and Ektron users log into an Ektron website. If users have an Ektron user profile, they can be prompted to link the Facebook username and password with that profile.
Facebook Login allows log in only—it provides no other Facebook features, such as viewing profiles or sending messages.
NOTE: The Facebook Login feature does not support Active Directory.
The OnTrek starter site includes a samples of a Facebook Login.
NOTE: The user experience is enabled only after a developer sets up the feature. See Also: Setting Up Facebook Login
If a user clicks a Facebook Login button but is not logged into Facebook, the following screen appears.
When you complete this screen or if you are already logged into Facebook, you are forwarded to a page that prompts you to register with or log into Ektron.
This screen asks if you have a membership account. If so, do you want to connect this Facebook username and password with the Ektron account? If you agree, you will access your membership account via the Facebook Login with Facebook credentials from now on. If you do not have a membership account, complete the lower half of the screen. This is the same screen that new members use to create Ektron accounts. From then on, you can click the Facebook Login button to log into Ektron using a Facebook username and password.
When you log out of Ektron, that action does not log you out of Facebook. Conversely, if a user logs out of Facebook, you are not logged out of Ektron.
NOTE: Facebook often caches information in your browser. If you see JavaScript errors or other odd behavior, clear the browser cache, close all browser windows, and try again.
To set up the Facebook Login feature:
Follow these steps to obtain Facebook keys, paste them into the web.config
file, and identify your site to Facebook.
www.facebook.com
and follow the sign up instructions.facebook
or any variations, such as FB
. Click Continue. A new screen appears, showing your App ID and AppSecret.web.config
file.web.config
elements.ek_FacebookApiKey
ek_FacebookSecret
NOTE: Keys shipped in Ektron sample sites are for localhost. Also, make sure the Facebook keys were generated for the host header/URL to which you're applying them. And, if you are testing secure site setup, verify that the web.config
element ek_useSSL
is true
.
web.config
.NOTE: After you update web.config
with Facebook keys, wait a few minutes before logging into the Ektron site via the Facebook Login server control.
A Facebook form appears if a user clicks a Facebook Login button and is not currently logged into Facebook.
The form is created by Facebook, not Ektron. You can customize parts of it, such as the title and site image, using Facebook's Application settings.
When the user completes the form, the user is forwarded to an Ektron form that prompts the person to register or log in to Ektron.
You specify which form appears via the Facebook Login server control's SignupTemplate
property.
The logic to connect a Facebook user with an Ektron account (circled) is not part of the Facebook Login server control. However, sample code for that functionality is included in the Ektron Tech sample site's register.aspx
page.
If you do not want to redirect the user to a signup form after Facebook login, you can hook the Ektron_FacebookNewMemberLoggedIn
JavaScript event and do whatever you want with it. For example, you could raise a modal dialog with a short signup form. .
The following are Ektron-specific server controla server control uses API language to interact with the CMS and Framework UI to display the output. A server control can be dragged and dropped onto a Web form and then modified. properties. You can find information about native .NET properties such as font, height, width and border style in Visual Studio® help.
Indicates if you are logged into the CMS Explorer and can use it to browse to content, collections, and so on. See Also: Browsing Your Ektron Site Using CMS Explorer.
Enter the Facebook Login button text. The default is Connect with Facebook.
Hides or displays the output of the control in design time and run time.
Enter additional text that appears above the Facebook Login button. The default is Sign in using your Facebook account.
Enter text that appears above the Facebook Login button. The default is Sign in using your Facebook account.
Set a language for viewing content; shows results in design-time (in Visual Studio) and at run-time (in a browser).
Enter the path to the template that appears after a user completes the Connect with Facebook screen.
You can customize the markup for the form using the LoginTemplate and LogoutTemplate server controls.
Facebook Login lets you retrieve the following Facebook profile information, using Facebook Connect Extension.
See Also: Creating and Using Widgets
NOTE: Only Administrator Group members can view and edit the Application Setup screen.
You must complete this before any user can access your Ektron website.
In Workarea > Settings > Configuration > Setup, you can enter or edit information for the Ektron website including:
The Application Setup screen appears. Click Edit to modify the settings.
NOTE: Do not confuse the default application language with the ek_ DefaultContentLanguage variable in web.config
. For more information on that, see Working with Multi-Language Content.
NOTE: Checking this box disables the Web Alerts feature on your server.
WARNING! Ektron strongly urges you to change the default password assigned to the builtin user. Opportunities to do this are presented during installation and in the above field.
IMPORTANT: Editor tab settings apply only to the eWebEdit400 editor.
NOTE: Ektron does not recommend enabling this feature.
The following fields change the default Web page after sign-in and the default Workarea page. The default values are automatically applied to all new users, and to all existing users when you upgrade. Normally, you can modify these values for any user via the Edit User screen. But, you can force these values on all users, removing the ability to personalize them.
IMPORTANT: If you are logging in from the OnTrek sample site, this field is ignored. OnTrek has its own landing page after login, regardless of this setting.
IMPORTANT: When using the Checkout Server Control on an eCommerce site, the Enable setting must be unchecked. Otherwise, new users will receive an error message when they sign-up using this control. See Also: Checkout
Use this button to clear Ektron's cache, which recycles the application pool. For example, you updated the web.config
file but cannot yet see the changes.
Under certain circumstances, Ektron's support group may instruct you to click this button.
Administrators would use this button if they cannot access the hosting servers yet need to reset their website. The button is an alternative to submitting a request to their IT department or hosting company.
After you click Restart, the first request takes longer than usual since the application needs to recompile. Subsequent requests should be processed normally.
To minimize the impact on site visitors, visit your home page immediately after the restart, so that your request is the first "hit."
See Also: Managing Application Pools in IIS 7
If this option is enabled, each time you create a new content or library folder in Ektron, a corresponding physical folder is created on the file system to organize library files on your file server. The following image shows a library folder tree and its corresponding system folder structure.
NOTE: If you are upgrading, the installation does not create sample website folders on the file server. You must add these folders manually. However, all folders that you create are also created on the file server when enabled.
Ektron provides a Windows service (EWSEktron Windows Service) to handle the following background processing functions.
Also, the EWS propagates updates that are made to the database connection string or the site path in the web.config
file. The service copies the new value to the data.config
and sitedb.config
files, which are located in C:\Program Files\Ektron\EktronWindowsservice40
. Any Ektron components that reference these values can retrieve the current information from these files.
The data.config
and sitedb.config
files are updated once each day at a time prescribed in the updateTime
value in C:\Program Files\Ektron\EktronWindowsservice40\Ektron.ASM.EktronServices.exe.config
. You can change this time.
WARNING! Do not edit the data.config
and sitedb.config
files. They are dynamically generated by Ektron. If these files have incorrect values, edit the web.config
file, which is used to generate them.
The EWS starts automatically when Ektron is installed, and again whenever the server is restarted.
To see the status of the service, go to Start > Computer, then right click and choose Manage.
Look for Ektron Windows Services. You can see its status in the Status column.
On your file system, the EWS is located in C:\Program Files\Ektron\EktronWindowsservice40
. Within that folder, the Ektron.ASM.EktronServices.exe.config
file runs the EWS.
By default, PDF generation is enabled. To disable it within the EWS configuration file:
C:\Program Files\Ektron\EktronWindowsService40.
Ektron.ASM.EktronServices40.exe.config.
<add name="PdfFileRead"
type="Ektron.ASM.EktronServices.PdfFileManagerRead.PdfFileManagerReadService,
Ektron.ASM.EktronServices40" IntervalSeconds="101" Enabled="true" />
enabled
to false
.The EWS has an Activity Log that tracks all related events. To view detail for any event, double click it.
A common source of errors is that the service cannot find Ektron sites, because they have not been created yet, as shown in the sample below.