Content Manager clients

Content Manager clients connect to the Content Manager server through the Core Service, IIS, or WebDAV to enable the creation or modification of Content Manager items. This section describes the right and privileges required by these clients.

The following image shows the clients of the Content Manager System:

The various clients have the following security considerations:

Content Manager Explorer
This browser-based user interface consists of an ASP.NET part in IIS, including a number of DLLs, and a number of JavaScript, CSS, XML and other files. By default, this Web site can be accessed transparently using Integrated Windows authentication. To change this so that LDAP authenticates, set the site to Anonymous authentication and configure LDAP as explained in Setting up LDAP integration for Content Manager.
Note that your Content Manager Explorer Web site cannot have both Basic and Windows authentication enabled at the same time.
The Web site runs under the Application Pool account which by default is set up to use the NETWORK SERVICE account. All access to the Content Manager is made by impersonating on the Content Manager level, not on the Windows level.
Visio Workflow Designer
This Microsoft Visio add-in solution that lets users create and modify Workflow Process Definitions communicates with Content Manager through an ASP.NET Web service. Because it runs in IIS, the security of the Content Manager Explorer Web site applies. Further security can be achieved through SSL.
Core Service
This Web service is a WCF (Windows Communication Foundation) service. Refer to Microsoft's MSDN documentation for more information about implementing security for a WCF service.
Template Builder
This desktop client application connects to Content Manager through an ASP.NET Web service. Because it runs in IIS, the security of the Content Manager Explorer Web site applies. Further security can be achieved through SSL.
.NET Templating
Because .NET Templating communicates with the TOM.NET API and does not use external resources, security is already handled by .NET itself.
Dreamweaver Templating
When used for SDL Tridion Sites Templating, Dreamweaver uses a WebDAV connection. Because authentication is done through IIS, using SSL is one way to secure this connection.
WebDAV client
The Windows file system-based interface to the Content Manager also integrates with ASP.NET, and uses Content Manager directly. Because authentication is done through IIS, using SSL is one way to secure this connection.