[opencms-dev] Clarification Reg Security in OpenCMS

Wed Jan 4 17:24:11 CET 2006

Good question. I think this should be a main reason why you want to use a
cms?

There is a pdf document in OpenCMS website which explains how OpenCMS can
control the relationship between a resource and a user (or user group).

The answer to you question is it depands. If you want anonymous user can get
into OpenCMS workplace, you can change the workplace’s security. By
default, an anonymous user cannot reach there.

Regards,

Shi Yusen/Beijing Langhua Ltd.

  _____  

发件人: vijayanand.kalyanaraman at wipro.com
[mailto:vijayanand.kalyanaraman at wipro.com] 
发送时间: 2006年1月4日 11:31
收件人: joe at galway.net; opencms-dev at opencms.org
主题: RE: [opencms-dev] Clarification Reg Security in OpenCMS

Kindly clarify is it possible for an anonymous user (without a valid
username/Password )to get into OpenCMS workplace .

If that anonymous user already had some knowledge on OpenCMS he must be
knowing relative path/URL of Explorer,Administration …views.

Is it possible for him to get into OpenCMS workplace without valid
Credentials?

Any suggestion in this regard would be appreciated.

Best Regards

VIjay Anand.K

(Off:30691961)

  _____  

From: opencms-dev-bounces at opencms.org
[mailto:opencms-dev-bounces at opencms.org] On Behalf Of Joe Desbonnet
Sent: Wednesday, January 04, 2006 7:13 AM
To: The OpenCms mailing list
Subject: Re: [opencms-dev] Clarification Reg Security in OpenCMS

What do you mean by end user? An anonymous website visitor without
username/password? I think that's safe. 

However a CMS user who can author JSP files will have full access to
everything by default. I have seen very little discussion on security so I
really don't know what is or is not safe.

Any comments?

Joe.

On 12/29/05, vijayanand.kalyanaraman at wipro.com <
<mailto:vijayanand.kalyanaraman at wipro.com>
vijayanand.kalyanaraman at wipro.com> wrote:

Hi all

Is it possible for end user to break into OpenCMs Work Place?

I am giving the user the URL for the developed application say
(http://ipaddress/abcd/efgh/xxxx/index.html )

Is there any means/configuration by which we can make sure the OpenCMS Work
Place to be highly secure and fool proof?

Warm Regards

Vijay

The information contained in this electronic message and any attachments to
this message are intended for the exclusive use of the addressee(s) and may
contain proprietary, confidential or privileged information. If you are not
the intended recipient, you should not disseminate, distribute or copy this
e-mail. Please notify the sender immediately and destroy all copies of this
message and any attachments. 

WARNING: Computer viruses can be transmitted via email. The recipient should
check this email and any attachments for the presence of viruses. The
company accepts no liability for any damage caused by any virus transmitted
by this email.

www.wipro.com

_______________________________________________
This mail is sent to you from the opencms-dev mailing list
To change your list options, or to unsubscribe from the list, please visit
http://lists.opencms.org/mailman/listinfo/opencms-dev

The information contained in this electronic message and any attachments to
this message are intended for the exclusive use of the addressee(s) and may
contain proprietary, confidential or privileged information. If you are not
the intended recipient, you should not disseminate, distribute or copy this
e-mail. Please notify the sender immediately and destroy all copies of this
message and any attachments. 

WARNING: Computer viruses can be transmitted via email. The recipient should
check this email and any attachments for the presence of viruses. The
company accepts no liability for any damage caused by any virus transmitted
by this email.

www.wipro.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20060105/743dec49/attachment.htm>