Security settings CMS

These sections let’s you define how authentication and authorization are handled in the cms. Most of the field names speaks for themselves but more information can be found under the chapter on Authentication and Authorization.

Parameters

This field defines where the login form/GUI is located. Can be either external url (like in the CAS-case) or internal Infoglue-action etc. Default "Login.action".

This field defines which logout action to use. Can be either external url (like in the CAS-case) or internal Infoglue-action etc. Default "Login!logout.action".

Invalid login URL 

This field defines which invalid login view to use. Can be either external url (like in the CAS-case) or internal Infoglue-action etc. Default "Login!invalidLogin.action".

This field defines where to direct the user after login. Usually left blank as application will decide this in runtime many times. 

This field defines which authenticator class to use (full class-name, for example "org.infoglue.cms.security.MyOwnAuthenticator"). Can be any class in the classpath which extends "org.infoglue.cms.security.AuthenticationModule". Defaults to Infoglue's standard module but you can find more information on which adaptors you can choose from here.

This field defines which authenticator class to use (full class-name, for example "org.infoglue.cms.security.MyOwnAuthorizer"). Can be any class in the classpath which extends "org.infoglue.cms.security.AuthorizationModule". Defaults to Infoglue's standard module but you can find more information on which adaptors you can choose from here.

This field defines where to direct the user after login. Usually left blank as application will decide this in runtime many times. 

This field defines which roles you accept as cms-editors. You can define more than one role name as auth constraint for the tools. Just use the “;” as separator and complement with more names. For example one can state the contraint “cmsUser;helpdesk” to specify that users who have the role “cmsUser” and/or “helpdesk” are allowed. This only applies to the cms login of course – not to deliver logins.

Some modules needs more parameters than others and the parameters can be very module-specific. This makes it impractical for Infoglue to define all parameters in unique fields so instead we have this field which is more or less a editable property file which the adaptors will have access to. You define the properties as name=value-pairs.

This field is only used by the CAS-module and defines the validate URL. 

CAS Proxy validate URL

 

This field is only used by the CAS-module and defines the proxy validate URL. 

 

This field is only used by the CAS-module and defines the service URL. 

This field is only used by the CAS-module and defines the logout URL. 

IP:s to use basic auth module instead of CAS

This field is only used by the CAS-module and gives you an option to define a comma-separated list of IP-adresses which should skip CAS authentication and instead use the Basic Infoglue authentication module. Example values are 127.0.0.1,211.22.33.*,169.11.22.121. The same configuration can be defined in cms.properties also as "ipAddressesToFallbackToBasicAuth".



comments powered by Disqus