[opencms-dev] How is it possible to disable workplace?

Claus Priisholm cpr at codedroids.com
Wed Oct 6 09:22:14 CEST 2004


As mentioned I haven't tried it, but it seems to be the idea - anyone 
out there that actually have used this feature?

On 5/10-2004, at 14.37, Farnaz Fotrousi wrote:

>  
> Do you mean the web-site port would be different than workplace port, 
> when we set "workplace.limited.port" property to another port in 
> "opencms.properties"?
>
> Claus Priisholm <cpr at codedroids.com> wrote:
> I haven't fiddled with this myself, but maybe it is something you can
>  utilize for your setup:
>
> # workplace limited port
> # This is the port the workplace access is limited to. With the
>  opencms.properties
> # the access to the workplace can be limited to a user defined port.
>  With this
> # feature a firewall can block all outside requests to this port with
>  the result
> # the workplace is only available in the local net segment.
> # Default=-1 (no limit)
> workplace.limited.port=-1
>
> Maybe this approach can be used with https, ie. setting the port to be
> say 443 (or whatever the https port is set to). But if you're behind a
> firewall and doing VPN adding HTTPS seems to be a bit of an overkill.
>
>
> On 5/10-2004, at 7.49, Farnaz Fotrousi wrote:
>
> > Dear Arash,
> >  
> > Thanks a lot for your solution. My problem is that I don't want to 
> let
> > any one to enter opencms workplace through internet. I just want to
> > let them work with opencms in VPN, But have a site on internet.
> >  
> > Consider the situation that I implement an advanced authentication 
> and
>  > put all on internet. If any one find username and password, can 
> enter
>  > opencms workplace and make any undesirable changes on site.But This
>  > situation is terrible.
> >
> > So I prefere to have two databases. One for VPN and one for Internet.
>  > In VPN database, have opencms workplace but in Internet database
>  > doesn't have or disable it.
> > Is it possible?
> > It is good to mention that I have lots of dynamic pages.
> >  
> > Best Regards,
> > Farnaz.
> >
> >
> > Arash Kaffamanesh wrote:
> > > For more security, How it is possible to disable workplace? Do you
>  > have another solution?
> >   
> > you can either export your site statically and serve it with a
> > webserver (e.g proxied apache or iis), or
> >  
> > connect via https, if you have to use the dynamic mode for several
>  > reasons (e.g using lucene), or
> >  
> > you can write your own custom login (e.g. with jaas, cas) and replace
>  > the basic authentification
> >  
> > > For solving this problem I think, I need to install another opencms
>  > with another DB and disable the workplace in the way that no body 
> can
>  > enter workplace.
> >  
> > and how would you yourself enter the workplace? ;-)
> >  
> > in short: the fastest secure way is to ssl / tls enable your tomcat
>  > --> https.
> >  
> > Best Regards,
> > Arash
> > -----Original Message-----
> > From: opencms-dev-bounces at opencms.org
>  > [mailto:opencms-dev-bounces at opencms.org] On Behalf Of Farnaz 
> Fotrousi
> > Sent: Montag, 4. Oktober 2004 14:34
> > To: opencms
> > Subject: [opencms-dev] How is it possible to disable workplace?
> >
> > Hi,
> >  
> > I have made a site through opencms.Now I would like to publish this
>  > site but I fear that If I put this site on the internet, some one 
> can
>  > crack and enter opencms workplace. So he can make any undesirable
>  > changes on this site.
> >  
> >  For solving this problem I think, I need to install another opencms
>  > with another DB and disable the workplace in the way that no body 
> can
>  > enter workplace.
> >
> > For more security, How it is possible to disable workplace? Do you
>  > have another solution?
> >  
> > Reagards,
> > Farnaz
> >
> > Do you Yahoo!?
> > New and Improved Yahoo! Mail - Send 10MB messages!
> >
> >
> > _______________________________________________
> > This m ail is send to you from the opencms-dev mailing list
> > To change your list options, or to unsubscribe from the list, please
>  > visit
> > http://mail.opencms.org/mailman/listinfo/opencms-dev
> >
> > Do you Yahoo!?
> > vote.yahoo.com - Register online to vote today!
> >
> > _______________________________________________
> > This mail is send to you from the opencms-dev mailing list
> > To change your list options, or to unsubscribe from the list, please
>  > visit
> > http://mail.opencms.org/mailman/listinfo/opencms-dev
> --
> Claus Priisholm, CodeDroids ApS
> +45 48 22 46 46
> cpr (you-know-what) interlet.dk - cpr (you-know-what) codedroids.com
> http://www.interlet.dk - http://www.codedroids.com
>
>
>
> _______________________________________________
> This mail is send to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please 
> visit
> http://mail.opencms.org/mailman/listinfo/opencms-dev
>
> Do you Yahoo!?
>  Yahoo! Mail is new and improved - Check it out!
>
> _______________________________________________
> This mail is send to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please 
> visit
> http://mail.opencms.org/mailman/listinfo/opencms-dev
--
Claus Priisholm, CodeDroids ApS
+45 48 22 46 46
cpr (you-know-what) interlet.dk - cpr (you-know-what) codedroids.com
http://www.interlet.dk - http://www.codedroids.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/enriched
Size: 5210 bytes
Desc: not available
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20041006/a9d7d475/attachment.bin>


More information about the opencms-dev mailing list