What does this mean?
In the 5.0.3 framework update that was recently released, we changed the behavior of how users can access workgroup pages via a URL link. This was a security flaw in the product for some users and on the other hand, a valuable way for users to share information that may be useful to users not associated with the workgroup.
For those who want to restrict workgroup page access, no further actions need to be taken once updated to 5.0.3.
For customers who want to allow workgroup page access to users who are not explicit members of the workgroup, an easy tag can be added to the webconfig file.
Here are the steps to allow this access:
1. Logon to the portal's application server or navigate to the file structure from a file explorer window.
2. The webconfig file can usually be found at the path below but the name of the portal folder will vary depending on what portal you're wanting to make the change on (production or sandbox) as well as the naming convention (older portals will be called Passageways or Test Portal, etc).
NOTE: Before beginning, take a backup of the web.config file. If any incorrect information is added to the web.config file, the portal can be brought down. If this happens, replace the original file with the backup content and contact Technical Support for assistance.
3. Open the web.config file and CTRL+F to find 'applicationroot'
4. Once in the settings tag area, add the following text to allow workgroup page access via url for users who are not members of the workgroup.
The full settings tag should look similar to the following:
<settings applicationRoot="http://PortalURL/" allowAllUsersToViewAllPages="true" organizationName="PASSAGEWAYS" administratorEmail="firstname.lastname@example.org" editionName="Organization" fileCabinetContentPath="C:\Inetpub\wwwroot\Passageways\FileCabinetContent">
5. Save the file and refresh the portal to make sure no errors are encountered from the change.
Contact Technical Support if you would like use to make this change for your portal.