[opencms-dev] Security design and restricted access to sites

Fri Feb 10 15:06:53 CET 2006

Dear,

I'm sure this is a stupid and a newbie question. I've seen some post
related to security, restricted access to sites, webusers, ... but i
can't find answers i need.
If i understand there is 2 types of users :
 - webusers are only allowed to browse sites (if permissions applied)
 - users are allowed to browse sites and may connect to the workplace
Right ?

We have defined 4 new groups (4th level hierachy) and added 3 new users
like this
  GUEST - MyGroup        - MyEditors (user2)  - MyProjectManagers
(user3)
              - MySubGroup (user1)
  USERS (user2) - PROJECTMANAGERS (user3)

We have created 2 new folders (each with the file "index.html")
  folder1 : default OpenCms permissions - GUEST may view and read this
folder
  folder2 : we have changed permissions like this
    GUEST, Administrators, Users & ProjetManagers are inherited
    MyGroup (-r-w-v-c-d) : deny all
    MySubGroup (+r-w+v-c-d) : allow reading content
    MyEditors (+r+w+v+c-d) : allow edition
    MyProjectManagers  (+r+w+v+c+d) : allow all
Our template includes login/logout action (copy/paste of login/logout
section of the OpenCms welcome page)

Our problems are :
 - folder2 is never shown except for Administrators
 - login to the workplace is not allowed except for Administrators

Configuration:
 - OpenCms 6.0.4
 - Oracle 9i
 - Tomcat 4.1.31
 - Apache 2.0.50 (mod_jk)

Thanks a lot,

Philippe.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20060210/7a99c6ef/attachment.htm>