Versions Compared

Old Version 1

changes.mady.by.user Christoph Meier

Saved on

compared with

New Version 2

changes.mady.by.user Christoph Meier

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Add sections "superuser" , "anonymous"

...


Type

Example

Users

People who work on site content such as authors, editors and publishers.

System users

Administrative accounts with permissions to configure Magnolia, install new modules and create new templates, for example.

Public users

End users or visitors of the site. They can be registered through the Public User Registration (PUR) module . Registering visitors allows you to provide them with personalized content such as members-only sections of the site, newsletters and mailing lists.

superuser

Multiexcerpt
MultiExcerptNamesuperuser-user

The term superuser may refer either to a system user (an account type) or to a role (a definition of what a user is allowed to do in the system). In a vanilla installation of Magnolia, the superuser role is assigned to the superuser account. In addition to the superuser role, the superuser account has some other roles too, see Default roles, groups and users.

As the name implies, the permissions of the superuser account are usually unrestricted in any way. For instance, superuser can read and write to all default JCR workspaces on / .

Bestpractice

On a production system, create specific users with distinct roles and deactivate the superuser account.

anonymous

Multiexcerpt
MultiExcerptNameanonymous-user

The term anonymous may refer either to a system user or to a role. The latter is assigned to the former. Apart from the anonymous role, the anonymous system user is by default assigned other roles too, see Default roles, groups and users.

Every Magnolia resource intended to be accessible without authentication must be enabled for the anonymous system user. A users that interacts with Magnolia without authentication is determined as anonymous user.

Multiexcerpt
MultiExcerptNameanonymous-role-do-not-activate
Note

On most systems, the rights and permissions of the anonymous role differ between author and public instances: allow read access to all on the public instance, while deny the same on the author instance. That is why you should not activate that role.

Anchor
edit-user-preferences
edit-user-preferences

...