Magnolia 5.6 reached end of life on June 25, 2020. This branch is no longer supported, see End-of-life policy.
...
On the author context use the superuser - he is the superuser is granted:
/
on everyJCR workspace - granted by the role superuser
./magnoliaAuthor/.rest*
- granted by the role rest-admin
.Note that superuser is given a lot of power. Use it carefully!
The public context typically is visited by users which do not authenticate. Nevertheless, such visits are done as anonymous
user - which also has some permissions.
On the public context anonymous user is granted:
/
for the workspaces website
, dam
, googleSitemaps
, category
, tours
Mgnl get |
---|
/magnoliaAuthor/.rest/delivery/*
As you can see, anonymous user only has read access and can only access the Delivery endpoint. That is sufficient for the moment.
On a productive environment - we highly recommend to create custom REST roles granting specific access for specific use cases- he is granted:..
...
Anchor | ||||
---|---|---|---|---|
|
...