Chapter 12. Security and control
This chapter covers
- Authentication
- Authorization
- ACLs and policies
- Retentions and holds
This chapter looks into different security- and control-related aspects of CMIS. It starts with some general security considerations and hints for web application developers. We’ll then cover authenticating users. The chapter also addresses authorization, ACLs, and policies, and finally it skims through retentions and holds.
Many CMIS repositories contain confidential data. It’s the repository’s task to protect this data. It has to check the user’s credentials and figure out what this user is allowed to see and do. CMIS is only the transport vehicle for that data and responsible for a secure transport.
Because all CMIS bindings are based on HTTP, the easiest and most compatible way to secure the connection is to use SSL everywhere. That sounds obvious and trivial. But many CMIS repositories allow unencrypted access, which can reveal user credentials and confidential documents. And many production CMIS applications don’t use HTTPS or have disabled the SSL certificate checks. We strongly recommend that you always use HTTPS in production environments!
Having unencrypted access may help during development, though. In chapter 11, which discusses CMIS bindings, we used it to look directly at the wire protocols. It’s handy to find out exactly what the repository returned when you get something unexpected.