MACROMEDIA BREEZE-USING THE BREEZE XML WEB SERVICES Use Manual page 20

Using the Breeze XML Web Services

About public access permissions
There is a special principal ID which, instead of being a number, has the value "public-access". This ID sets the default access setting for everyone, whether they are logged in or not.
You can assign any of the following permissions on a SCO for the public-access principal:
denied: Nobody can view, access, or manage the SCO.
view: Anyone can view the SCO, even if not logged in.
view-only: (For presentations only) Anyone can view the presentation, even if not logged in. However, the permissions set on the presentation's parent folder do not apply to the presentation. For example, even if a user has manage permission on the parent folder, the user can't delete a presentation that has view-only permission. (Normal permissions still apply to the presentation; if the user has manage permission on the presentation, the user can delete it.)
view-hidden: (For meetings only) Anyone can attend the meeting, even if not logged in. However, the permissions set on the meeting's parent folder do not apply to the meeting.
Never assign manage, presenter, or publish permissions to the public-access principal. Never assign view-only or view-hidden permissions to normal principals.

About security and launching content
When you launch a SCO, you must provide authentication. You can do so using any of the following approaches:
When you open the URL of the content, add a query parameter named session with a value equal to the value of the login cookie, as shown in the following example:
http://breeze.example.com/p12345678/?session=breez3238uf298
This approach is a potential security problem because anyone who obtains the specified URL can act as the logged-in user. If you take this approach, use the cookie for an ordinary user rather than the cookie for an administrative user.
Also, if a user gives the URL to someone else (for example, by copying it and pasting it into an e-mail message), they are giving access to their account, which presents a security risk.
You can set a BREEZESESSION cookie on the user's browser, using the value of the login cookie.
However, this approach works only if your application is running on a server with the same domain name as the Breeze server.
Also, if your application server is a J2EE servlet environment (such as ColdFusion or Java), the application server might also use a cookie named BREEZESESSION, which results in potential conflicts between Breeze and the application server.
You can simply open the URL, and require the user to log in again.
This approach is more secure than the others but can result in some inconvenience for users.

Chapter 1: Architecture Overview
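
The risk noted under "About security and launching content" (anyone who obtains a URL carrying the session parameter can act as the logged-in user) can be checked for in logs. The following is an added example, not part of the Breeze manual: it redacts session values from logged URLs and reports any token presented by more than one client address. The "<client-ip> <url>" log format, the sample lines and the function names are assumptions constructed for illustration.

```python
import hashlib
from collections import defaultdict
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Constructed sample lines in an assumed "<client-ip> <url>" format.
SAMPLE_LOG = """\
10.0.0.5 http://breeze.example.com/p12345678/?session=breez3238uf298
10.0.0.5 http://breeze.example.com/p12345678/
203.0.113.9 http://breeze.example.com/p12345678/?session=breez3238uf298
10.0.0.7 http://breeze.example.com/p87654321/?session=constructedvalue01&x=1
"""


def fingerprint(token):
    """Short hash so reports never contain the usable cookie value."""
    return hashlib.sha256(token.encode()).hexdigest()[:12]


def redact(url):
    """Replace the value of every session query parameter in url."""
    parts = urlsplit(url)
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    clean = [(k, "REDACTED" if k == "session" else v) for k, v in pairs]
    return urlunsplit(parts._replace(query=urlencode(clean)))


def audit(log_text):
    """Return (redacted_lines, shared): shared maps a token fingerprint to
    the client IPs that used it, for tokens seen from more than one IP."""
    seen = defaultdict(set)
    redacted = []
    for line in log_text.splitlines():
        ip, _, url = line.partition(" ")
        for key, value in parse_qsl(urlsplit(url).query):
            if key == "session" and value:
                seen[fingerprint(value)].add(ip)
        redacted.append(f"{ip} {redact(url)}")
    shared = {fp: sorted(ips) for fp, ips in seen.items() if len(ips) > 1}
    return redacted, shared


if __name__ == "__main__":
    lines, shared = audit(SAMPLE_LOG)
    print("\n".join(lines))
    for fp, ips in shared.items():
        print(f"session token {fp} presented by several clients: {ips}")
```

A token seen from two addresses is not proof of misuse (a user may change networks), so treat the report as a prompt to review the session and invalidate it if needed.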
