sitecore security overview
SITECORE SECURITY
01 Overview
02 Administrator’s Guide to Sitecore Security Interfaces
03 Non-Sitecore User Repositories
04 Planning Security
Sitecore Security Concepts
• Users. A user account in Sitecore contains details about the user name, domain, email, and password. You can (but should not) assign access rights directly to a user account.
• Roles. A collection of users or a collection of users and other roles. You can use roles to assign access rights to groups of users by making them members of a role.
• Domains. A collection of security accounts (users and roles) that you can administer as a unit with common rules and procedures.
Domains
• Default domains:
  • Sitecore – contains CMS users (content authors)
  • Extranet – users of the published site
  • Default – used when no other domain can be resolved
• Each domain contains an Everyone role and an Anonymous user.
• Sitecore determines the domain from the context site.
Domain Scope
• Global domains – users are able to access all the domains in the system.
• Locally managed domains – users can only access a specific domain. A local administrator usually maintains a locally managed domain. Users that belong to a locally managed domain will only see security accounts that belong in the same domain.
Application of Security to Content Authors – Content and Workflow
• Security can be set for content items by role (recommended) or user (not recommended).
• Security inherits to descendant content until inheritance is broken.
• Ability to act on an item is determined by the item security as well as the security set on the current workflow state.
Application of Security to Content Authors – Features
• Sitecore has built-in roles named “Sitecore Client *” that grant or limit access to Sitecore features.
• Any content author must be a member of Sitecore Client Authoring.
• Sitecore “administrator” should be granted sparingly.
Security and Website Visitors
• Visitors to the website are in the “extranet” domain. If users are not logged in, they are “extranet\anonymous”.
• Any security applied to content items will affect the availability and visibility of content on the site for visitors.
• This allows for the creation of secure content. Common scenarios are members-only or premium paid content, as well as general portal functionality.
ADMINISTRATOR’S GUIDE TO SITECORE SECURITY INTERFACES
User Manager
Role Manager
Domain Manager *
Security Editor
Access Viewer
NON-SITECORE USER REPOSITORIES
Authenticating with other User Directories
• Sitecore implements the ASP.NET security provider model. You can roll your own implementation to connect to your source.
• The Active Directory Module is supported by Sitecore. Various others exist on the Sitecore Marketplace.
Common User Repositories
• Active Directory, ADFS
• CRM: Dynamics, Salesforce
• AMS: Personify, Aptify
• Ecommerce: Insite, Commerce Server
PLANNING SECURITY
Sitecore Security
• Interaction between item security, inheritance and workflow security requires consideration during site IA planning.
• Item A
• Item B
• Item C
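The interaction named on this slide can be checked on paper before the content tree is built. The following is an added example, not part of the original deck and not Sitecore's API: a simplified, allow-only model (no explicit deny rights) in which the `Item` class, the role names and the workflow state names are all hypothetical.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Item:
    name: str
    parent: Optional["Item"] = None
    grants: dict = field(default_factory=dict)  # role -> rights set directly on this item
    inherits: bool = True                       # False: inheritance is broken at this item
    state: Optional[str] = None                 # current workflow state, if any

def item_rights(item, roles):
    """Collect the roles' rights from the item upward, stopping where inheritance is broken."""
    rights, node = set(), item
    while node is not None:
        for role in roles:
            rights |= node.grants.get(role, set())
        node = node.parent if node.inherits else None
    return rights

def can(item, roles, right, workflow):
    """Allowed only if both the item security and the workflow state security grant the right."""
    if right not in item_rights(item, roles):
        return False
    if item.state is None:
        return True
    state_acl = workflow.get(item.state, {})
    return any(right in state_acl.get(role, set()) for role in roles)

# Constructed sample data (role and state names are hypothetical).
AUTHORS, APPROVERS = "sitecore\\Authors", "sitecore\\Approvers"
WORKFLOW = {
    "Draft": {AUTHORS: {"read", "write"}, APPROVERS: {"read"}},
    "Awaiting Approval": {AUTHORS: {"read"}, APPROVERS: {"read", "write"}},
}
item_a = Item("Item A", grants={AUTHORS: {"read", "write"}, APPROVERS: {"read", "write"}}, state="Draft")
item_b = Item("Item B", parent=item_a, state="Awaiting Approval")   # inherits everything from A
item_c = Item("Item C", parent=item_b, inherits=False,              # inheritance broken here
              grants={APPROVERS: {"read", "write"}})

def audit(roles):
    """Effective (read, write) per item for a set of roles, for review before rollout."""
    return {i.name: (can(i, roles, "read", WORKFLOW), can(i, roles, "write", WORKFLOW))
            for i in (item_a, item_b, item_c)}

if __name__ == "__main__":
    for who in ([AUTHORS], [APPROVERS]):
        print(who, audit(who))
```

In this model the authors lose write on Item B through the workflow state alone, and lose everything on Item C because inheritance is broken there and no role they hold is granted rights again.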
Sitecore Feature Access
• Decide which users can access features. There are over 35 built-in roles, but start with the basics.
• Publication: Sitecore Client Publishing
• Translation: Sitecore Client Translation
• Security: Sitecore Client Security, Sitecore Account Managing
Multisite Tip:
Role membership is a user setting – therefore it is their permission in all sites.
THANK YOU
Questions?
Glen [email protected]