Self Service Kiosk Security

Question

0

Self Service Kiosk Security

Chris Menken posted 6 Years Ago

Is there a way to secure the self service kiosk so that it is not externally accessible or requires a login like a checkin kiosk does? i looked at the security but it is inheriting global permissions.

Thanks,

Michael Garrison · Answer 1 · 2017-11-29T03:41-07:00

0

Michael Garrison replied 6 Years Ago

Requiring a login would, I believe, prevent people from being able to use their own profiles in the self serve kiosk, since that staff member account would be "logged in" causing Rock to incorrectly think it knew who was using it.

There may be a way to check the IP address the request is coming from and redirect to another page if it doesn't match that of your kiosk or church public address... But unfortunately I don't see anything in the debugger that indicates that information is available to Lava. You may need to use C# in an HTML Content block with execute enabled (you'd wrap the C# in an execute command per https://www.rockrms.com/page/747 ) but although a quick search indicates that Request.UserHostAddress might be the property you want to check, I would wait for someone who actually knows C# to confirm that.

Edit Answer

<p>Requiring a login would, I believe, prevent people from being able to use their own profiles in the self serve kiosk, since that staff member account would be "logged in" causing Rock to incorrectly think it knew who was using it.</p><p>There may be a way to check the IP address the request is coming from and redirect to another page if it doesn't match that of your kiosk or church public address... But unfortunately I don't see anything in the debugger that indicates that information is available to Lava. You may need to use C# in an HTML Content block with execute enabled (you'd wrap the C# in an execute command per https://www.rockrms.com/page/747&nbsp;) but although a quick search indicates that&nbsp;Request.UserHostAddress might be the property you want to check, I would wait for someone who actually knows C# to confirm that.</p>

<p>Requiring a login would, I believe, prevent people from being able to use their own profiles in the self serve kiosk, since that staff member account would be "logged in" causing Rock to incorrectly think it knew who was using it.</p><p>There may be a way to check the IP address the request is coming from and redirect to another page if it doesn't match that of your kiosk or church public address... But unfortunately I don't see anything in the debugger that indicates that information is available to Lava. You may need to use C# in an HTML Content block with execute enabled (you'd wrap the C# in an execute command per https://www.rockrms.com/page/747&nbsp;) but although a quick search indicates that&nbsp;Request.UserHostAddress might be the property you want to check, I would wait for someone who actually knows C# to confirm that.</p>

Save Cancel

Michael Garrison · Answer 2 · 2017-11-29T07:51-07:00

0

Michael Garrison replied 6 Years Ago

Jim Michael has pointed out this coming v7 enhancement:

Added options to the redirect block to only redirect when on/not on specific networks. This will allow you to keep people in certain roles from accessing pages/sites outside of the organization's network.

Can you wait until early 2018 for this?

Chris Menken · Answer 3 · 2017-11-29T07:57-07:00

0

Chris Menken replied 6 Years Ago

Thank You for your replies. Yes. We can wait for that. I think I may be able to do it with the ip filters in IIS as well. I am going to look at that later today. If a member updates their info in the kiosk, where does that go? Does it automatically update their profile or does it go into a queue for review somewhere?

Question

0

Self Service Kiosk Security

0

0

0