Integrated Access Control
KUSoftas CMS supports Access Control List (ACL) to authorize site resources access. ACL contains read, write, exec, manage permissions assigned to users and groups (roles).
KUSoftas CMS access control supports permissions inheritance similar as in MS Windows OS. Top of inheritance always is page containing site resource ACL. At any access control hierarchy level inheritance may be stopped and new ACL created or new elements may be added to inherited ACL.
Folowing CMS objects are targeted in access control:
- Pages - authorize page access, authorize pages management in CMS tools
- Menu - authorize menu items apierance, authorize languag and menu management in CMS tools
- Folders and files - authorize access to folders and files via CMS File Manager, CMS WYSIVYG Editor, WebDAV server.
- WebDAV server - authorize WebDAV server usage.
- CMS Plugins
- CMS API
- CMS Tools
- Site folders and files
KUSoftas CMS supports HTTP Basic Authentication form. If there is no logged user and is attempting to open protected page HTTP Basic Authentication form will be sent to client. If there is logged user and his permissions are not sufficient "Authorization denied" message will be sent to client.
KUSoftas WebDAV server CMS supports HTTP Digest Authentication form. If there is no logged user and is attempting to access WebDAV server HTTP Digest Authentication form will be sent to client.
Site files and folders are protected with .htaccess file which uses KUSoftas CMS access control data.
