BackBee CMS' Security component ensures strict control of access to content and to available functions. It has two steps:
•     Identification: The component verifies the identity of the user (visitor, contributor, webservice client, etc.). Secure 
  areas can be created by installing firewalls. 
•     Authorization: The component assigns access privileges (read-only, writing, etc.) to identified users.
Privileges are assigned according to an access control list (ACL), which can be configured by area.
Identification can be verified in several ways and is extensible:
•     Forms: supported by the application
•     Basic access: transmission of connection information in the headers
•     HTTP digest: encrypted transmission of connection information
•     X.509 certificate
•     WSSE, etc.
Checking connection information can then be performed through a number of methods, which are combinable and extensible:
•     By file
•     In memory
•     By database
•     By LDAP connection, etc.
Authorization is established through an access control list (ACL). A list of permissions is associated with a list of resources. In BackBuilder5, assigning permissions is accomplished by associating hierarchical roles, and resources can be of several kinds:
    URL segment (a system of rights according to the sitemap)
    Object (Page, Content, etc.)
The hierarchy of roles is organized cumulatively. For example:
•     USER: read
    MEMBER: USER, comment
    MODERATOR: USER valid_post
    ADMIN: MODERATOR, create, edit, delete


Copyright © 2018 Lp digital. All rights reserved.