[opencms-dev] How is it possible to disable workplace?
Farnaz Fotrousi
f_fotrousi at yahoo.com
Tue Oct 5 14:37:24 CEST 2004
Do you mean the web-site port would be different than workplace port, when we set "workplace.limited.port" property to another port in "opencms.properties"?
Claus Priisholm <cpr at codedroids.com> wrote:
I haven't fiddled with this myself, but maybe it is something you can
utilize for your setup:
# workplace limited port
# This is the port the workplace access is limited to. With the
opencms.properties
# the access to the workplace can be limited to a user defined port.
With this
# feature a firewall can block all outside requests to this port with
the result
# the workplace is only available in the local net segment.
# Default=-1 (no limit)
workplace.limited.port=-1
Maybe this approach can be used with https, ie. setting the port to be
say 443 (or whatever the https port is set to). But if you're behind a
firewall and doing VPN adding HTTPS seems to be a bit of an overkill.
On 5/10-2004, at 7.49, Farnaz Fotrousi wrote:
> Dear Arash,
>
> Thanks a lot for your solution. My problem is that I don't want to let
> any one to enter opencms workplace through internet. I just want to
> let them work with opencms in VPN, But have a site on internet.
>
> Consider the situation that I implement an advanced authentication and
> put all on internet. If any one find username and password, can enter
> opencms workplace and make any undesirable changes on site.But This
> situation is terrible.
>
> So I prefere to have two databases. One for VPN and one for Internet.
> In VPN database, have opencms workplace but in Internet database
> doesn't have or disable it.
> Is it possible?
> It is good to mention that I have lots of dynamic pages.
>
> Best Regards,
> Farnaz.
>
>
> Arash Kaffamanesh wrote:
> > For more security, How it is possible to disable workplace? Do you
> have another solution?
>
> you can either export your site statically and serve it with a
> webserver (e.g proxied apache or iis), or
>
> connect via https, if you have to use the dynamic mode for several
> reasons (e.g using lucene), or
>
> you can write your own custom login (e.g. with jaas, cas) and replace
> the basic authentification
>
> > For solving this problem I think, I need to install another opencms
> with another DB and disable the workplace in the way that no body can
> enter workplace.
>
> and how would you yourself enter the workplace? ;-)
>
> in short: the fastest secure way is to ssl / tls enable your tomcat
> --> https.
>
> Best Regards,
> Arash
> -----Original Message-----
> From: opencms-dev-bounces at opencms.org
> [mailto:opencms-dev-bounces at opencms.org] On Behalf Of Farnaz Fotrousi
> Sent: Montag, 4. Oktober 2004 14:34
> To: opencms
> Subject: [opencms-dev] How is it possible to disable workplace?
>
> Hi,
>
> I have made a site through opencms.Now I would like to publish this
> site but I fear that If I put this site on the internet, some one can
> crack and enter opencms workplace. So he can make any undesirable
> changes on this site.
>
> For solving this problem I think, I need to install another opencms
> with another DB and disable the workplace in the way that no body can
> enter workplace.
>
> For more security, How it is possible to disable workplace? Do you
> have another solution?
>
> Reagards,
> Farnaz
>
> Do you Yahoo!?
> New and Improved Yahoo! Mail - Send 10MB messages!
>
>
> _______________________________________________
> This mail is send to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please
> visit
> http://mail.opencms.org/mailman/listinfo/opencms-dev
>
> Do you Yahoo!?
> vote.yahoo.com - Register online to vote today!
>
> _______________________________________________
> This mail is send to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please
> visit
> http://mail.opencms.org/mailman/listinfo/opencms-dev
--
Claus Priisholm, CodeDroids ApS
+45 48 22 46 46
cpr (you-know-what) interlet.dk - cpr (you-know-what) codedroids.com
http://www.interlet.dk - http://www.codedroids.com
_______________________________________________
This mail is send to you from the opencms-dev mailing list
To change your list options, or to unsubscribe from the list, please visit
http://mail.opencms.org/mailman/listinfo/opencms-dev
---------------------------------
Do you Yahoo!?
Yahoo! Mail is new and improved - Check it out!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20041005/c267109c/attachment.htm>
More information about the opencms-dev
mailing list