This version solves the user "authentication" enabling
those using GXportal for application integration to concentrate on developing
their features, trusting to GXportal the management of application access and
rights.
The security concept applied to solve users and roles
management is the Repository. A repository is a set of users, roles and security
policies whose properties have to be configured to define the desired portal
security.
Therefore, in a GXportal installation there can be a
single set of users (a repository), which can be used by several portals within
the same installation. This way, the same user could be content author in a
portal and forum moderator in another one.
The portal list of users is unique, and the portal manager
can assign roles to the users (both backend and frontend roles). Backend roles
can be assigned provided the corresponding licenses are held.
Each repository has a list of roles, a role will enable it
to define the function of one or more users, for example users can be grouped
when they fulfill a certain function (clients, sales personnel, suppliers,
authors, editors, designers, etc.). Access and constraints to the various portal
elements are defined over the roles (content entry, channels, pages,
etc.)
Additionally, a repository has a list of security
policies. A security policy allows defining the criteria related to passwords,
user session and user session start. Every repository will have at least one
defined policy, and it will be applied to all repository users.
If you want to customize the security policy of a user,
you can define a specific policy and assign it to this user, and you can even
assign a specific security policy to a role.
The precedence order followed by GXportal to apply a
policy to a user is the following:
1. If the user has a policy assigned, it will be
used.
2. If it does not, the policy of the user first role will
be used.
3. And if this one has no assigned policy, the repository
policy will be used (there is always one assigned).
Finally, at the time of creating a new portal, the choice
can be made whether to use a new repository or using an already existing one
from the installation.
http://www.gxportal.com