DMXzone Security Provider Site Protection Features

There are only two days until the official release of DMXzone Security Provider extension that allows you to define and enforce your site security fully. In the first part of our features in detail series we'll take a closer look at the options that you'll be using to define your site security provider and also protect a site with a database sources. In the second part, which you can check out tomorrow, you'll see how to add a single page security provider, use the control security provider behaviors and how to display conditional regions on your page depending on the currently logged in user.

 

The Story

Define Your Site Security with the Security Provider Builder 

Choose the type of Security Provider to use for you site. Choose between single user, users list or dynamically retrieved from a database source. All powerful security enforcements are easily achieved with the Security Provider Builder.

Single User

The most simple way to secure your site and resources is to apply a single user login security for your website. Then, you have just one username and password for all your security needs.

  • Secret Key - Enter a secret key, which will be used for your cookie encryption. This can be any random string.


  • Support for PHP and ASP server types - Choose the appropriate server type that your site is running on.


  • Login and password - Enter the credentials for this user that will be used for login.


Users List

You can create a whole users list with usernames and password where you can add permissions for each user individually.  

  • Secret Key - Enter a secret key, which will be used for your cookie encryption. This can be any random string.


  • Support for PHP and ASP server types - Choose the appropriate server type that your site is running on.


  • Add/remove user, delete all users and rearrange - You can add as many users as you wish and also remove any of it at a later point. Also, you can delete all at once or rearrange their places in the list.


  • Set permissions - Set special access permissions for your users that will enable them to view, get, edit, put, or delete files, and which users can look inside or make changes to the contents of folders.


  • Grant permissions - You can grant permissions to anyone on your users list or remove them at any time.


Database

Thank to the great integration with DMXzone Database Connector PHP/ASP you can retrieve the users list fully dynamically from your database, define permissions and add conditions per permission that define when the permission is valid.

  • Secret Key - Enter a secret key, which will be used for your cookie encryption. This can be any random string.


  • Support for standard PHP and ASP server types database - If you have installed both the DMXzone Database Connector PHP and ASP in your HTML5 Data Bindings you can choose between PHP and ASP server technology otherwise the field will only display the installed one.


  • Select the database users source - In order to retrieve your users list dynamically you need to have the DMXzone Database Connector PHP/ASP extension installed. Once you choose the already established connection to your data source, you can select the database tables, and columns that contain identity and users' credentials details.


  • Manage connections - The Security Provider Builder allows you to create and manage connections to servers with the DMXzone Database Connection wizard dialog.


  • Define permissions dynamically - Name your permissions and choose the corresponding table and ID from your data source thanks to the great integration with DMXzone Database Connector PHP/ASP.


  • Add permission conditions - Add conditions per permission that define when the permission is valid.


Security Cookie Options

When you allow the user to have a "remember me" option in the login form, a secure cookie is stored in their browser to help identify the user later on again. With the Security Cookie Options you can choose how long should the cookie stay valid and when it exactly applies.

  • Add domain - Enter optional domain name to bind the cookie to. If it's not specified then the current domain will be used.


  • Specify the cookie path - Enter the path for the cookie. If not specified the root path is default.


  • Expiration time - By default the cookies expire in 30 days but you can enter your own expiration point in order to keep them for longer or shorter day period. 


Protect Your Database Sources with Database Actions

When you want to protect the Database Sources, defined with the DMXzone Database Connector PHP/ASP and/or Database Actions, defined by the DMXzone Database Updater PHP/ASP, you can choose the appropriate restrictions with the new Security options.

DMXzone Database Connector PHP/ASP

Restrict and allow users with certain permissions to view the database source

  • Applying security in DMXzone Database Connector PHP/ASP - Secure certain database source by managing your security with the DMXzone Security Provider. 
  • Restrict access with the Security Provider - Restrict the access to the chosen database source by selecting the required permissions that you already defined in the Security Provider Builder.


  • Require permissions - Allow access to the selected database source only when the user has the specified permission.


DMXzone Database Updater PHP/ASP

Restrict and allow users with certain permissions to insert, update and delete the database source

  • Securing database updating actions - Manage your database updating actions security with the DMXzone Security Provider
  • Restrict access with the Security Provider - Restrict the access to certain database updating actions by selecting the required permissions that you already defined in the Security Provider Builder.


  • Apply require permissions - Grant access to the selected database updating actions by choosing the required permission from the dropdown list.
Blog Posts


What You Missed This Week

Our weekly content summary

Place your comment about DMXzone Security Provider Site Protection Features




You must me logged in to write a comment
Comments

Be the first to place a comment