[opencms-dev] How is it possible to disable workplace?

Claus Priisholm cpr at codedroids.com
Tue Oct 5 10:01:46 CEST 2004 

I haven't fiddled with this myself, but maybe it is something you can 
utilize for your setup:

# workplace limited port
# This is the port the workplace access is limited to. With the 
opencms.properties
# the access to the workplace can be limited to a user defined port. 
With this
# feature a firewall can block all outside requests to this port with 
the result
# the workplace is only available in the local net segment.
# Default=-1 (no limit)
workplace.limited.port=-1

Maybe this approach can be used with https, ie. setting the port to be 
say 443 (or whatever the https port is set to). But if you're behind a 
firewall and doing VPN adding HTTPS seems to be a bit of an overkill.


On 5/10-2004, at 7.49, Farnaz Fotrousi wrote:

> Dear Arash,
>  
> Thanks a lot for your solution. My problem is that I don't want to let 
> any one to enter opencms workplace through internet. I just want to 
> let them work with opencms in VPN, But have a site on internet.
>   
> Consider the situation that I implement an advanced authentication and 
> put all on internet. If any one find username and password, can enter 
> opencms workplace and make any undesirable changes on site.But This 
> situation is terrible.
>
> So I prefere to have two databases. One for VPN and one for Internet. 
> In VPN database, have opencms workplace but in Internet database 
> doesn't have or disable it.
> Is it possible?
> It is good to mention that I have lots of dynamic pages.
>  
> Best Regards,
> Farnaz.
>
>
> Arash Kaffamanesh <kaffamanesh at dmu-world.de> wrote:
> > For more security, How it is possible to disable workplace? Do you 
> have another solution?
>  
> you can either export your site statically and serve it with a 
> webserver (e.g proxied apache or iis), or
>  
> connect via https, if you have to use the dynamic mode for several 
> reasons (e.g using lucene), or
>  
> you can write your own custom login (e.g. with jaas, cas) and replace 
> the basic authentification
>  
> > For solving this problem I think, I need to install another opencms 
> with another DB and disable the workplace in the way that no body can 
> enter workplace.
>  
> and how would you yourself enter the workplace? ;-)
>  
> in short: the fastest secure way is to ssl / tls enable your tomcat 
> --> https.
>  
> Best Regards,
> Arash
> -----Original Message-----
> From: opencms-dev-bounces at opencms.org 
> [mailto:opencms-dev-bounces at opencms.org] On Behalf Of Farnaz Fotrousi
> Sent: Montag, 4. Oktober 2004 14:34
> To: opencms
> Subject: [opencms-dev] How is it possible to disable workplace?
>
> Hi,
>  
> I have made a site through opencms.Now I would like to publish this 
> site but I fear that If I put this site on the internet, some one can 
> crack and enter opencms workplace. So he can make any undesirable 
> changes on this site.
>  
>  For solving this problem I think, I need to install another opencms 
> with another DB and disable the workplace in the way that no body can 
> enter workplace.
>
> For more security, How it is possible to disable workplace? Do you 
> have another solution?
>  
> Reagards,
> Farnaz
>
>  Do you Yahoo!?
> New and Improved Yahoo! Mail - Send 10MB messages!
>
>
> _______________________________________________
> This mail is send to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please 
> visit
> http://mail.opencms.org/mailman/listinfo/opencms-dev
>
> Do you Yahoo!?
> vote.yahoo.com - Register online to vote today!
>
> _______________________________________________
> This mail is send to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please 
> visit
> http://mail.opencms.org/mailman/listinfo/opencms-dev
--
Claus Priisholm, CodeDroids ApS
+45 48 22 46 46
cpr (you-know-what) interlet.dk - cpr (you-know-what) codedroids.com
http://www.interlet.dk - http://www.codedroids.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/enriched
Size: 5158 bytes
Desc: not available
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20041005/adf58010/attachment.bin>

More information about the opencms-dev mailing list