Firstly, this is not as scary as it sounds – but there are a few things that you need to be aware of:
This will save you a lot of pain and head scratching in the future.
The first thing we need to do is create a role.
In Sitecore, navigate to the Role Manager and select New.
Give your role a name (I called mine SiteUser). Make sure the domain is extranet.
Go to the User Manager and create a new user. I have called mine Daniel. This user now needs to be assigned to the role you created above. Notice in the example below I have set the domain as extranet and have assigned them to the role I created in the previous step.
So we now have a role and a user assigned to the role. You can check this by going back to the Role Manager and selecting the role that you have created; then select members in the ribbon and you should see your user as a member of the role.
Next, go to the Security Editor. The principle here is to select the ‘Everyone’ role (already set up in Sitecore) and allow access and inheritance on the very first item. This will enable you to start from ‘everything allowed’ with each role for which you wish to lock items.
I have decided to lock the item under the home icon. I have done this by removing the inheritance, thus ‘Everyone’ no longer has access to this item.
I have decided to allow access to the item under the home icon for the ‘SiteUser’ role only. I have done this by allowing the inheritance, thus anyone now in the ‘SiteUser’ role will have access to this item.
Publish the page you have just locked and navigate to it on the front end in a new incognito window. *These two steps are very important to see the changes reflected on the front end of the website*. You should be redirected to a 404 page.
This is because, by default, our site configuration has been set up with nothing in the loginPage property of the site node. In the web.config, search for the <sites> node. Below I have set mine up to redirect to my login page (/Login) located under the rootPath item /Home. So the path to my item will be /Content/Home/Login. Once this has been set up, when you try to go to the restricted page you will be redirected to the page defined in this configuration.
You will need to set up your login page with a form that, when submitted, sends a username and password server-side to be validated against a user within Sitecore. If the validation is successful, the user should be redirected to the URL they originally requested before they were sent to the login page. Because they are a member of the role that has access to the restricted page, they will now be able to view the page rather than get redirected to the login page again.
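One way to write the server-side handler described above, as an added example rather than code from the original post: an ASP.NET MVC action that validates the submitted credentials with Sitecore's `AuthenticationManager.Login` and only follows the return URL when it points back to the same site. The controller and action names, the `returnUrl` form field and the `/` fallback path are assumptions; the `extranet` domain and `/Login` page are the ones set up in this post.

```csharp
using System.Web.Mvc;
using Sitecore.Security.Authentication;

// Added example: hypothetical controller that receives the login form post.
public class LoginController : Controller
{
    // The user and role in this post live in the extranet domain, so the
    // submitted name has to be qualified before Sitecore can find it.
    private const string ExtranetDomain = "extranet";

    [HttpPost]
    [ValidateAntiForgeryToken] // the form must render @Html.AntiForgeryToken()
    public ActionResult SignIn(string username, string password, string returnUrl)
    {
        // Only follow a return URL that stays on this site; anything else
        // (absolute URLs, //host paths) is dropped to avoid an open redirect.
        string safeReturn = Url.IsLocalUrl(returnUrl) ? returnUrl : null;

        if (string.IsNullOrWhiteSpace(username) || string.IsNullOrEmpty(password))
            return Failed(safeReturn);

        // Refuse names that already carry a domain prefix, so this form can
        // only ever sign in extranet accounts.
        if (username.Contains("\\"))
            return Failed(safeReturn);

        string fullName = ExtranetDomain + "\\" + username.Trim();

        // Login returns false for an unknown user or a wrong password.
        // persistent: false keeps the ticket for the browser session only.
        if (!AuthenticationManager.Login(fullName, password, false))
            return Failed(safeReturn);

        // Send the visitor back to the page they asked for, or home.
        return Redirect(safeReturn ?? "/");
    }

    private ActionResult Failed(string safeReturn)
    {
        // One message for every failure so the form does not reveal
        // whether the user name exists.
        TempData["LoginError"] = "The user name or password is incorrect.";
        string target = "/Login";
        if (safeReturn != null)
            target += "?returnUrl=" + Url.Encode(safeReturn);
        return Redirect(target);
    }
}
```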
I hope you have found this helpful.