Details
-
New Feature
-
Status: Closed
-
Normal
-
Resolution: Fixed
-
None
-
None
-
None
Description
HST must be extended with site mount authorization. E.g. a way to specify role/permission restrictions on site mount level.
It should be possible to configure that a certain user/group/role has access to that specific site mount.
More information from email thread "Page composer meeting 8 sept 2010":
It is unclear whether the credentials of the logged-in user are used or a default pre-configured user for further processing. This touches on personalization - jcr session issues.
The current "page" management through the console or CMS frontend leverages the authenticated user credentials. I would assume the Page Composer (and Site Manager tool in the future) would do (and require to do) the same.
There is another, but imo unrelated, discussion concerning configuring "site" credentials (and pooling) on site mount level, but that is for a completely different purpose (optimizing anonymous site access and JCR session states per site/sitemount).
These two features have nothing to do with each other and should not be mixed in the Page Composer discussion.
Attachments
Issue Links
- relates to
-
HSTTWO-1285 Provide more flexible and usable REST security and (JCR) session configuration and handling
-
- Closed
-
-
HSTTWO-1199 DefaultLoginModule resolves roles of user by groups of hippo repository, seems unclear to find JEE roles.
-
- Closed
-