Role concept and access rights



		Who is allowed to do what? With contentXXL the roles are clearly regulated. Read, write and other accesses can be assigned on page level, page fragment level, object level - i.e. for example for individual documents - and even for language variants of an object.

What is it?

In contentXXL, the access rights are regulated via a role concept

Fig. In this case, the access rights of a content object result from the selected policy

What is it capable of?

The users’ access rights are regulated via the affiliation to roles (groups of users)
Access rights can, however, also be directly assigned to users
The administrator is completely free to assign roles, e.g. to departments or groups of customers
The roles are assigned to various rights, e.g. read access on website level and write access on page fragment level
Rights can be assigned up to object level, i.e. for an individual document or message
Rights also include possible actions, such as the use of HTML, the possibility of publication or release of contents
In order to secure the localisation workflow, rights can also be assigned for the individual language variants of an object
Rights and roles can be compiled to security policies, which extremely simplifies the management
Standard policies are defined for the various objects, which are used in case the access rights do not result from the context and no other specifications are made
Whenever it is possible, safety settings are inherited, e.g. in case of pages or folders
By multiple publication of objects (news, documents) on different pages, each role obtains exactly the contents intended for it
Users and roles can be enabled for other portals. In connection with the release of contents, an efficient content sharing and/or cross-portal publishing is thus possible, i.e. contents can be provided beyond the portal boarders
All functional groups (e.g. newsletter subscribers) are managed via roles as well; this way, interested persons can rapidly be converted into users or even editors
The roles can be associated with groups in common directory services (NTLM, Active Directory, NDS via LDAP)*. A single sign-in is possible for Active Directory / NTLM.
User attributes, such as e.g. telephone numbers or chiefs, can be taken over from the Active Directory*.

* These features require the module AD-Connector

What is its advantage?

Creation of an extranet in a few minutes
Individual roles, e.g. for various groups of customers can be easily created
Integration into the existing system environment minimises the maintenance costs
Complex access rights can be easily handled by means of security policies
Newsletter subscribers can be rapidly converted into a user group
Content sharing and cross-portal publishing allow for the creation of flexible websites for internationally active enterprises with branch offices or for associations and societies as well.