Introduction / FirstSpirit ServerManager / Project properties / Permissions

Permissions

Secure media folder: Use the folder icon to open a new dialog called “Secure media folder” with the media store tree structure. A folder from the media store can be selected that will be used to store the project's secure media. The “secure media folder” has a special designation in SiteArchitect . Use the delete icon to remove a selection that was already entered (see Protection of personalized project content).

Important The settings defined here for "secure media" only affect the generation of the FirstSpirit preview. It is only possible to protect generated or deployed content from unauthorized access using the FirstSpirit security module[1](see Protection of personalized project content).

Prefix for the access control database: prefix for completing the entry of a file's ACL database information. The full path to a file in FirstSpirit always consists of three parts:

  • URL of web application (e.g. http://myServer.com)     
  • prefix for the access control database (/fs5_security)  
  • path to a file (/de/index.html)

The full path within the ACL database consists of the prefix and the path to the file, e.g. /fs5_security/de/index.html

In the Figure the prefix is “/fs5_security” and is the equivalent of the direct subdirectory “fs5_security” of a web application such as “live”:      
~Webserver/webapps/live/fs5_security.

The absolute prefix is required for the web application. The prefix is also in this case the last part of the “Path on live server” field value in the Deployment Servlet dialog.

For more information, see the documentation for the FirstSpirit security module.

Permission variable: the access permissions to objects can be defined through metadata in the media store. An input component is defined for this in the page template (CMS_INPUT_PERMISSION). Enter the name assigned to this component here. FirstSpirit will then decide whether a user can access an object or not using the input component value on the Metadata tab.

For more information, see the documentation for the FirstSpirit security module.

Allow access if no permissions are defined:If the checkbox is selected, access to "secure media" is permitted to all group members (from the groups.xml file) if no definition to the contrary has been defined using the permission variable. If there is no check mark in the box, only the values set using the permission variable will be evaluated.

For more information on user permissions.
For more information on the secure media concept.


[1] Refer to the module documentation

© 2005 - 2022 Crownpeak Technology GmbH | All rights reserved. | FirstSpirit 2022.12 | Data privacy