[opencms-dev] How is it possible to disable workplace?

Alexander Kandzior alex at opencms.org
Wed Oct 6 09:27:02 CEST 2004


workplace.limited.port may or may not work in 5.0.x. I must say that this
feature never was really tested much.
 
In 6.0, you can just place the workplace site to a different hostname/post
and have your Firewall protect access to this.

Best Regards,
Alex.

Alexander Kandzior
Alkacon Software - The OpenCms Experts
http://www.alkacon.com <http://www.alkacon.com/> 



 


  _____  

From: opencms-dev-bounces at opencms.org
[mailto:opencms-dev-bounces at opencms.org] On Behalf Of Claus Priisholm
Sent: Wednesday, October 06, 2004 9:22 AM
To: The OpenCms mailing list
Subject: Re: [opencms-dev] How is it possible to disable workplace?


As mentioned I haven't tried it, but it seems to be the idea - anyone out
there that actually have used this feature?

On 5/10-2004, at 14.37, Farnaz Fotrousi wrote:




Do you mean the web-site port would be different than workplace port, when
we set "workplace.limited.port" property to another port in
"opencms.properties"?

Claus Priisholm <cpr at codedroids.com> wrote:
I haven't fiddled with this myself, but maybe it is something you can
utilize for your setup:

# workplace limited port
# This is the port the workplace access is limited to. With the
opencms.properties
# the access to the workplace can be limited to a user defined port.
With this
# feature a firewall can block all outside requests to this port with
the result
# the workplace is only available in the local net segment.
# Default=-1 (no limit)
workplace.limited.port=-1

Maybe this approach can be used with https, ie. setting the port to be 
say 443 (or whatever the https port is set to). But if you're behind a 
firewall and doing VPN adding HTTPS seems to be a bit of an overkill.


On 5/10-2004, at 7.49, Farnaz Fotrousi wrote:

> Dear Arash,
>  
> Thanks a lot for your solution. My problem is that I don't want to let 
> any one to enter opencms workplace through internet. I just want to 
> let them work with opencms in VPN, But have a site on internet.
>  
> Consider the situation that I implement an advanced authentication and
> put all on internet. If any one find username and password, can enter
> opencms workplace and make any undesirable changes on site.But This
> situation is terrible.
>
> So I prefere to have two databases. One for VPN and one for Internet.
> In VPN database, have opencms workplace but in Internet database
> doesn't have or disable it.
> Is it possible?
> It is good to mention that I have lots of dynamic pages.
>  
> Best Regards,
> Farnaz.
>
>
> Arash Kaffamanesh wrote:
> > For more security, How it is possible to disable workplace? Do you
> have another solution?
>  
> you can either export your site statically and serve it with a 
> webserver (e.g proxied apache or iis), or
>  
> connect via https, if you have to use the dynamic mode for several
> reasons (e.g using lucene), or
>  
> you can write your own custom login (e.g. with jaas, cas) and replace
> the basic authentification
>  
> > For solving this problem I think, I need to install another opencms
> with another DB and disable the workplace in the way that no body can
> enter workplace.
>  
> and how would you yourself enter the workplace? ;-)
>  
> in short: the fastest secure way is to ssl / tls enable your tomcat
> --> https.
>  
> Best Regards,
> Arash
> -----Original Message-----
> From: opencms-dev-bounces at opencms.org
> [mailto:opencms-dev-bounces at opencms.org] On Behalf Of Farnaz Fotrousi
> Sent: Montag, 4. Oktober 2004 14:34
> To: opencms
> Subject: [opencms-dev] How is it possible to disable workplace?
>
> Hi,
>  
> I have made a site through opencms.Now I would like to publish this
> site but I fear that If I put this site on the internet, some one can
> crack and enter opencms workplace. So he can make any undesirable
> changes on this site.
>  
>  For solving this problem I think, I need to install another opencms
> with another DB and disable the workplace in the way that no body can
> enter workplace.
>
> For more security, How it is possible to disable workplace? Do you
> have another solution?
>  
> Reagards,
> Farnaz
>
> Do you Yahoo!?
> New and Improved Yahoo! Mail - Send 10MB messages!
>
>
> _______________________________________________
> This m ail is send to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please
> visit
> http://mail.opencms.org/mailman/listinfo/opencms-dev
>
> Do you Yahoo!?
> vote.yahoo.com - Register online to vote today!
>
> _______________________________________________
> This mail is send to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please
> visit
> http://mail.opencms.org/mailman/listinfo/opencms-dev
--
Claus Priisholm, CodeDroids ApS
+45 48 22 46 46
cpr (you-know-what) interlet.dk - cpr (you-know-what) codedroids.com
http://www.interlet.dk - http://www.codedroids.com



_______________________________________________
This mail is send to you from the opencms-dev mailing list
To change your list options, or to unsubscribe from the list, please visit
http://mail.opencms.org/mailman/listinfo/opencms-dev

Do you Yahoo!?
Yahoo! Mail is new and improved - Check it out!

_______________________________________________
This mail is send to you from the opencms-dev mailing list
To change your list options, or to unsubscribe from the list, please visit
http://mail.opencms.org/mailman/listinfo/opencms-dev


--
Claus Priisholm, CodeDroids ApS
+45 48 22 46 46
cpr (you-know-what) interlet.dk - cpr (you-know-what) codedroids.com
http://www.interlet.dk - http://www.codedroids.com



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20041006/fed5e426/attachment.htm>


More information about the opencms-dev mailing list