Versions Compared

Old Version 2

changes.mady.by.user Julie Legendre

Saved on

compared with

New Version Current

changes.mady.by.user Christoph Meier

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Refine and update content

This page gives an overview about how Magnolia handles security. The page also provides links to sub-pages associated with the security topic.

Table of Contents

Overview: JAAS, users, groups, roles and permissions

Magnolia security is based on Java Authentication and Authorization Service (JAAS). JAAS provides a standardized way for:

  • Authentication: Reliably and securely determine who is

Security in Magnolia is controlled with an access management system that you can connect to a directory service such as LDAP. The purpose of this system is to:

  • Authenticate: Reliably and securely determine who is using the system and provide them with means to sign into the application.
  • AuthorizeAuthorization: Ensure that users have the the permissions to  to do the actions required such as editing pages or creating categories.

The system is based on the Java Authentication and Authorization Service (JAAS). You can set permissions for all types of users whether real people or processes, and control access to resources such as Web pages, documents, data, forums and templates. Permissions are controlled through a combination of users, groups, roles and ACLs, set in the Security app.

Table of Contents

always checks whether a certain user has the required (set of) permissions to access a certain resource such as a web page, document, template or some other type of data. Permissions such as Access Control Lists (ACLs) are assigned to user roles. The roles can be assigned to groups or directly to the users. Finally, users can be assigned to a group. 

For more details please refer also to the following pages:

Magnolia Security app

Use the Magnolia Security app to administer UsersGroups and Roles with ACLs that Magnolia provides. By default, the app stores the user, group and role data in the usersusergroups and userroles JCR workspaces. 

LDAP, CAS

Magnolia also provides connectors to integrate with third-party systems such as LDAP and CAS

Web access security

Multiexcerpt
MultiExcerptNameweb-access-security

Every request sent to Magnolia is checked by the 

Javadoc resource link
classNameinfo.magnolia.cms.security.URISecurityFilter
renderTypeasynchronous
. The filter checks whether the role(s) of the requesting user allow(s) the user to request a given path with the given method.

Web permissions are granted as web access lists per role. They grant access to a path for Get or Get & Post

  • Get – Grants the HTTP GET method for a given URI.
  • Get & Post – Grants the HTTP GETPUTPOST and DELETE methods for a given URI.

JCR security

...

Magnolia uses the Jackrabbit reference implementation of the Java Content Repository (JCR) 2.0 standard. ACL checks are performed at the JCR level. This low-level checking has the following benefits:

  • Better performance than checking in the application code.
  • Repository can be exposed to third-party apps. Access Control Lists (ACLs) still apply.
  • Use JCR API directly without needing the need to wrap objects.

...

Content security

...

Note

Since content and templates are usually customized or completely developed by the users of Magnolia, it is the responsibility of the users to ensure that developed content is not exploitable by cross-site scripting, HTML injection or similar attacks. For templates provided with Magnolia, the system tries to ensure that there are no such vulnerabilities.

Freemarker provides various built-in HTML and JavaScript escaping functions which make it easy to ensure that templates do not suffer from the vulnerabilities mentioned above. In case of any concerns regarding the security, Magnolia Support treats all security related issues with the highest possible urgency and will always try to provide its client with a workaround or temporary fix for the issues should there be anyInternal security is based on the Java Authentication and Authorization Service (JAAS). User permissions are assigned and managed in the form of ACLs via roles assigned to the users. Security can be configured either for URIs that a user is allowed (or denied) to access or on a more granular level via ACLs bound directly to the content in repository. User permissions are then checked on each manipulation of content by the user. This includes checking permissions on searches and making sure that the user cannot find the content that they have not been granted access to. Permissions are controlled through a combination of UsersGroups Roles and  ACLs  in the Security app.

External security

External security is achieved via servlet container features. The strength of the security depends on the container used to run Magnolia. To improve the security, Magnolia recommends that you run the Apache Web Server or another proxy server in front of the application server.

Bestpractice

To minimize the risk of attacks on user accounts on a public instance,

...

limit user accounts to the required number and type.

...

...

Disable external access to AdminCentral (URIs starting

...

with ./magnolia) from public IP addresses.

...

 Then specify the IP addresses from which users should have permission to log into AdminCentral.

...

See IP and HTTP permissions

...

Content security

Since content and templates are usually customized or completely developed by the users of Magnolia, it is the responsibility of users to ensure that developed content is not exploitable by cross-site scripting, HTML injection or similar attacks. For templates provided with Magnolia, the system tries to ensure there are no such vulnerabilities.

...

 .