[opencms-dev] Clarification Reg Security in OpenCMS

vijayanand.kalyanaraman at wipro.com vijayanand.kalyanaraman at wipro.com
Wed Jan 4 04:31:19 CET 2006


Kindly clarify is it possible for an anonymous user (without a valid
username/Password )to get into OpenCMS workplace .

If that anonymous user already had some knowledge on OpenCMS he must be
knowing relative path/URL of Explorer,Administration ...views.

Is it possible for him to get into OpenCMS workplace without valid
Credentials?

Any suggestion in this regard would be appreciated.



Best Regards

VIjay Anand.K

(Off:30691961)

________________________________

From: opencms-dev-bounces at opencms.org
[mailto:opencms-dev-bounces at opencms.org] On Behalf Of Joe Desbonnet
Sent: Wednesday, January 04, 2006 7:13 AM
To: The OpenCms mailing list
Subject: Re: [opencms-dev] Clarification Reg Security in OpenCMS



What do you mean by end user? An anonymous website visitor without
username/password? I think that's safe.

However a CMS user who can author JSP files will have full access to
everything by default. I have seen very little discussion on security so
I really don't know what is or is not safe.

Any comments?

Joe.



On 12/29/05, vijayanand.kalyanaraman at wipro.com <
vijayanand.kalyanaraman at wipro.com
<mailto:vijayanand.kalyanaraman at wipro.com> > wrote:

Hi all

Is it possible for end user to break into OpenCMs Work Place?

I am giving the user the URL for the developed application say
(http://ipaddress/abcd/efgh/xxxx/index.html )

Is there any means/configuration by which we can make sure the OpenCMS
Work Place to be highly secure and fool proof?



Warm Regards

Vijay


The information contained in this electronic message and any attachments
to this message are intended for the exclusive use of the addressee(s)
and may contain proprietary, confidential or privileged information. If
you are not the intended recipient, you should not disseminate,
distribute or copy this e-mail. Please notify the sender immediately and
destroy all copies of this message and any attachments.

WARNING: Computer viruses can be transmitted via email. The recipient
should check this email and any attachments for the presence of viruses.
The company accepts no liability for any damage caused by any virus
transmitted by this email.

www.wipro.com



_______________________________________________
This mail is sent to you from the opencms-dev mailing list
To change your list options, or to unsubscribe from the list, please
visit
http://lists.opencms.org/mailman/listinfo/opencms-dev






The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments.

WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email.

www.wipro.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20060104/a7f2215e/attachment.htm>


More information about the opencms-dev mailing list