I am using Tamino version 3.1.1.1 I need to implement Tamino security. I am not getting a clear picture about the security that can be implemented using Tamino and Apache. I know how to create users in Tamino, giving them various rights. What I need to know is how can I prevent people from accessing Tamino directly through the browser.
First I will explain my system.
I have a website which uses data from Tamino database and displays it. This website can be viewed by everybody. The site only displays data and has no option to update/delete/add data.
At the moment, data can be directly accessed and deleted through the browser by connecting to tamino and specifying the database and collection. (http://myserver/tamino/mydb/collection?_xql=/XX)
How do I prevent this? I do not want people accessing the site to provide a username and password either.
In tamino, I have created two users who are administrators and can do everthing.
Instead of using Tamino security one can do the following which will solves this type of problem:
- have two web servers, one on port 80 and another on an arbitary port (say 8060) - the web application runs on the web server running on port 80 and accesses Tamino via the other webserver running on port 8060 - close port 8060 to the outside world (via firewall for example or by tcp/ip configuration).
No there’s no downside to this and should solve your particular problem easily.
You could use Tamino Security but you would have to be careful and its not as easy to maintain. Essentially you define one user that can do everything: read, delete etc. and use this userid encoded into the application. You also ensure the administrator userid(s) can update everything too especially ino:security.
By default all users not defined in security and therefore unknown to Tamino have full access rights to everything. To prevent that you can define a security group that has the same name as the database. ACLs associated with that group determine the default access to collections when a user is unknown. In your scenario this should be no access to any collections. But here is why you have to careful: if you define this first you will have no further access to ino:security and effectively lock yourself out.
In think in your particular use-case implementing two webservers is the easiest and most maintainable solution.