volume_up

A critical vulnerability was discovered in React Server Components (Next.js). Our systems remain protected but we advise to update packages to newest version. Learn More

volume_up

A critical vulnerability was discovered in React Server Components (Next.js). Our systems remain protected but we advise to update packages to newest version. Learn More
AI OnAI Offsmart_toy

Using authenticated instead of webeditors

Vote:
expand_less 0 expand_more

Is there a reason why I shouldn't use authenticated and cmsadmins as the 2 roles to setup my web.config locations?

It seems like a fast and elegant way to split up the users in cms and cms/admin groups. After that I can finetune access to parts of the tree with other groups. Since all the other groups will autmoatically be authenticated I don't have to add them to the web.config all the time and I don't have to use the WebEditors group as a group someone always has to be in to gain access.

 

Grtz,

S

#61316
Sep 15, 2012 23:29
Johan Petersson
Johan Petersson
Vote:
expand_less 0 expand_more

Hi,


What happens when the customer wants a secret page and removes the Everyone group and then crates a new group with accounts? They all gain access to edit mode, not good!

Use CmsEditors and CmsAdmins at least.

#61317
Sep 16, 2012 0:54
error This thread is locked and should be used for reference only. Please use the Episerver CMS 7 and earlier versions forum to open new discussions.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.