Security

SSL - CW supports the use of SSL for secure communications, which ensures that data going between the web server and web client is encrypted. The option of using SSL in CW is configurable on a per-site basis. In order to use SSL, the web server must be configured for SSL and have a digital certificate. The web browser must be configured to accept encrypted communications from the web server.

Firewalls - CW is compatible with firewall configurations as well. One likely placement of a firewall is in front of a web server to only allow HTTP and HTTPS traffic. In addition a second firewall may be placed between the web server and the Contenta Server. In this case, the port on which the Contenta Server is running would need to be opened up (e.g. port 6050) by the firewall administrator as well as the port that the Solr search Server is running on.

Trusted Applet - The web client sends HTML to the browser. In addition, to support structured editing for anything other than leaf node editing, a trusted applet is required.

User Authentication - The user is authenticated by the Contenta server on login based on a user name/password.

User Roles/Permissions - Once a user is logged onto the Contenta server, user access to functionality is setup based on roles using the pcmadmin application and the user can only access objects on his/her desktop.

Vulnerabilty Filter – Contenta Web is delivered with a filter that detects common vulnerabilities such as cross site scripting and filters errors so sensitive information is not displayed to users.