Security settings Deliver

These sections let’s you define how authentication and authorization are handled in the delivery engine. Most of the field names speaks for themselves but more information can be found under the chapter on Authentication and Authorization.

Parameters

This field defines where the login form/GUI is located. Can be either external url (like in the CAS-case) or internal Infoglue-action etc. Default "Login.action".

This field defines which logout action to use. Can be either external url (like in the CAS-case) or internal Infoglue-action etc. Default "Login!logout.action".

Invalid login URL 

This field defines which invalid login view to use. Can be either external url (like in the CAS-case) or internal Infoglue-action etc. Default "Login!invalidLogin.action".

This field defines where to direct the user after login. Usually left blank as application will decide this in runtime many times. 

This field defines which authenticator class to use (full class-name, for example "org.infoglue.cms.security.MyOwnAuthenticator"). Can be any class in the classpath which extends "org.infoglue.cms.security.AuthenticationModule". Defaults to Infoglue's standard module but you can find more information on which adaptors you can choose from here.

This field defines which authenticator class to use (full class-name, for example "org.infoglue.cms.security.MyOwnAuthorizer"). Can be any class in the classpath which extends "org.infoglue.cms.security.AuthorizationModule". Defaults to Infoglue's standard module but you can find more information on which adaptors you can choose from here.

This field defines where to direct the user after login. Usually left blank as application will decide this in runtime many times. 

This field defines which roles you accept as cms-editors. You can define more than one role name as auth constraint for the tools. Just use the “;” as separator and complement with more names. For example one can state the contraint “cmsUser;helpdesk” to specify that users who have the role “cmsUser” and/or “helpdesk” are allowed. This only applies to the cms login of course – not to deliver logins.

Some modules needs more parameters than others and the parameters can be very module-specific. This makes it impractical for Infoglue to define all parameters in unique fields so instead we have this field which is more or less a editable property file which the adaptors will have access to. You define the properties as name=value-pairs.

This field is only used by the CAS-module and defines the validate URL. 

CAS Proxy validate URL

This field is only used by the CAS-module and defines the proxy validate URL. 

This field is only used by the CAS-module and defines the service URL. 

This field is only used by the CAS-module and defines the logout URL. 

More information can be found under the chapter on Authentication and Authorization.


comments powered by Disqus