 | | From: | =?Utf-8?B?TUNNUyBFdmFsdWF0b3I=?= | | Subject: | Mixing Authentication and SQL repository | | Date: | Sun, 16 Jan 2005 11:57:02 -0800 |
|
|
 | Can two seperate MCMS web sites that use different auth methods (one is
anonymous no auth and the other is Windows Integrated auth) use the same SQL
Server repository?
I am looking at this possible scenario:
Server 1: Development MCMS site (Integrated Auth)
Server 2: Authoring MCMS site (Integrated Auth)
Server 3: Test/Staging MCMS site (No Auth)
Server 4: Production read-only MCMS site (No Auth)
Server 1 and 4 have their own database,
Server 2 and 3 share a database.
Server 1 and 2 are in same domain.
I believe this scenario will provide immediate publishing to Test/Stage
without the use of SDO. I believe I will use Site Deployment Manager from Dev
to Auth and use Site Deployment API from Test/Stage to Production. Could
someone confirm/comment on this scenario please?
Thank you in advance.
|
|
| | From: | Stefan [MSFT] | | Subject: | Re: Mixing Authentication and SQL repository | | Date: | Mon, 17 Jan 2005 10:04:45 +0100 |
|
|
| Hi,
sure this is possible.
Authentication methods are only defined on the websites configuration and
local web.config configuration.
Not on database level.
Cheers,
Stefan.
"MCMS Evaluator" wrote in message
news:F0A69395-7619-4E48-B7BF-AAD2075C48D6@microsoft.com...
> Can two seperate MCMS web sites that use different auth methods (one is
> anonymous no auth and the other is Windows Integrated auth) use the same
SQL
> Server repository?
>
> I am looking at this possible scenario:
>
> Server 1: Development MCMS site (Integrated Auth)
> Server 2: Authoring MCMS site (Integrated Auth)
> Server 3: Test/Staging MCMS site (No Auth)
> Server 4: Production read-only MCMS site (No Auth)
>
> Server 1 and 4 have their own database,
> Server 2 and 3 share a database.
> Server 1 and 2 are in same domain.
>
> I believe this scenario will provide immediate publishing to Test/Stage
> without the use of SDO. I believe I will use Site Deployment Manager from
Dev
> to Auth and use Site Deployment API from Test/Stage to Production. Could
> someone confirm/comment on this scenario please?
>
> Thank you in advance.
>
|
|
| | From: | =?Utf-8?B?QW4gRXZhbHVhdG9y?= | | Subject: | Re: Mixing Authentication and SQL repository | | Date: | Mon, 17 Jan 2005 10:33:03 -0800 |
|
|
| Thank you Stefan for your answer. Your answer leads me to a second
question. If the database is shared what are some of the methods to secure
the non-authenticating MCMS site (content from anonymous users)?
Specifically, only allow anonymous access to content and not templates etc.
It sounds like you need to modify the permissions MCMS sets when installed
out-of-the-box? Possibly more?
Also, a seperate issue regarding securing the SDM application. How does one
secure the SDM on an Internet facing MCMS web site (configured as read-only)
if it uses port 80? It looks as if you have no choice but to not install it
on the the Internet facing site and only use site deployment scripts (SD
API). Is this true?
"Stefan [MSFT]" wrote:
> Hi,
>
> sure this is possible.
> Authentication methods are only defined on the websites configuration and
> local web.config configuration.
> Not on database level.
>
> Cheers,
> Stefan.
>
> "MCMS Evaluator" wrote in message
> news:F0A69395-7619-4E48-B7BF-AAD2075C48D6@microsoft.com...
> > Can two seperate MCMS web sites that use different auth methods (one is
> > anonymous no auth and the other is Windows Integrated auth) use the same
> SQL
> > Server repository?
> >
> > I am looking at this possible scenario:
> >
> > Server 1: Development MCMS site (Integrated Auth)
> > Server 2: Authoring MCMS site (Integrated Auth)
> > Server 3: Test/Staging MCMS site (No Auth)
> > Server 4: Production read-only MCMS site (No Auth)
> >
> > Server 1 and 4 have their own database,
> > Server 2 and 3 share a database.
> > Server 1 and 2 are in same domain.
> >
> > I believe this scenario will provide immediate publishing to Test/Stage
> > without the use of SDO. I believe I will use Site Deployment Manager from
> Dev
> > to Auth and use Site Deployment API from Test/Stage to Production. Could
> > someone confirm/comment on this scenario please?
> >
> > Thank you in advance.
> >
>
>
>
|
|
| | From: | Stefan [MSFT] | | Subject: | Re: Mixing Authentication and SQL repository | | Date: | Mon, 17 Jan 2005 20:55:05 +0100 |
|
|
| Hi,
the content is secured using SiteManager.
Create rights group for the different sets of users and assign them
appropriately to the channels, resource galleries and template galleries.
To allow anonymous access you need to enable it on the IIS website, you
need to enable guest access in the SCA and oyu need to assign the guest
account confiugred in the SCA to a subscriber rights group.
All items where this subscriber rights group is assigned can be access
anonymously.
All others will require authentication.
Cheers,
Stefan.
"An Evaluator" wrote in message
news:EBCFB963-8958-4427-B203-F641970FA4CA@microsoft.com...
> Thank you Stefan for your answer. Your answer leads me to a second
> question. If the database is shared what are some of the methods to secure
> the non-authenticating MCMS site (content from anonymous users)?
> Specifically, only allow anonymous access to content and not templates
etc.
> It sounds like you need to modify the permissions MCMS sets when installed
> out-of-the-box? Possibly more?
>
> Also, a seperate issue regarding securing the SDM application. How does
one
> secure the SDM on an Internet facing MCMS web site (configured as
read-only)
> if it uses port 80? It looks as if you have no choice but to not install
it
> on the the Internet facing site and only use site deployment scripts (SD
> API). Is this true?
>
> "Stefan [MSFT]" wrote:
>
> > Hi,
> >
> > sure this is possible.
> > Authentication methods are only defined on the websites configuration
and
> > local web.config configuration.
> > Not on database level.
> >
> > Cheers,
> > Stefan.
> >
> > "MCMS Evaluator" wrote in
message
> > news:F0A69395-7619-4E48-B7BF-AAD2075C48D6@microsoft.com...
> > > Can two seperate MCMS web sites that use different auth methods (one
is
> > > anonymous no auth and the other is Windows Integrated auth) use the
same
> > SQL
> > > Server repository?
> > >
> > > I am looking at this possible scenario:
> > >
> > > Server 1: Development MCMS site (Integrated Auth)
> > > Server 2: Authoring MCMS site (Integrated Auth)
> > > Server 3: Test/Staging MCMS site (No Auth)
> > > Server 4: Production read-only MCMS site (No Auth)
> > >
> > > Server 1 and 4 have their own database,
> > > Server 2 and 3 share a database.
> > > Server 1 and 2 are in same domain.
> > >
> > > I believe this scenario will provide immediate publishing to
Test/Stage
> > > without the use of SDO. I believe I will use Site Deployment Manager
from
> > Dev
> > > to Auth and use Site Deployment API from Test/Stage to Production.
Could
> > > someone confirm/comment on this scenario please?
> > >
> > > Thank you in advance.
> > >
> >
> >
> >
|
|
