Setup & Configuration

Default Permissions in ElasticWCM

Out of the box ElasticWCM supports MS Active Directory or ASP.NET Form Based Authentication for user authorization. It's also easy to create your own custom authorization plug-in for ElasticWCM.

Authorization in ElasticWCM is based on Roles. Internally ElasticWCM makes a set of HttpContext.Current.User.IsInRole("a role") calls to authorize a user. (Note: you can override this when implementing a custom authorization plug-in).

With Permissions configuration in ElasticWCM you can create a sophisticated authorization schema defining any number of roles and custom permission levels for different context assignments or different pages. You can even define different permissions for different fields on the same page and make them depend on a particular language in multilingual web sites.

Out of the box there are 5 default Permission Levels recognized by ElasticWCM:

These Permission Levels are assigned to 5 default Roles

This means that if a user is in role "ElasticWCMSuperAdmin" that user has All permissions and is allowed to perform all content management functions.

Again, this is out-of-the-box configuration. You can define your roles or assign another meaning to the role "ElasticWCMSuperAdmin", even define different set of permissions for the same role depending on a page, field, language, or any custom parameter.

Configure Permissions on you development machine

For your development machine it makes sense to start with a simple authorization schema where you would have a "Super Admin" content management permissions for the site. Use one of the following three ways:

If your web site uses standard ASP.NET Form Based Authentication (FBA):

• In the FBA database create the role "ElasticWCMSuperAdmin".
• Create a FBA user.
• Assign this user to the role "ElasticWCMSuperAdmin".

If your web site uses Microsoft Active Directory:

• Choose a Windows Group you are a member of. For example, on your development machine you are probably a member of the local Administrators group "BUILTIN\Administrators"
• Add this line to the <appSettings> element in the web.config file of your web site:
  
  <add key="ElasticWCM_RoleName_SuperAdmin" value="BUILTIN\Administrators"/>
  
  In this line you are overriding the default SuperAdmin role name with your own role name.
  You must enable Role management for this to work:
  

  <roleManager enabled="true" defaultProvider="AspNetWindowsTokenRoleProvider"/>
  

  
  (Note: there are more ways to introduce custom groups in ElasticWCM. See documentation.)

If the web site uses some custom authentication/authorization you can create a custom ElasticWCM authorization plug-in:

• Create a DLL project with one class in it, for example MyCustomUserManage, and reference ElasticWCM.Client.dll.
• Make this class implement ElasticWCM.Client.Extensibility.IEwcmSiteManager interface.
• Implement three methods referencing your custom authentication mechanism:
  • string GetID() - returns User ID or login
  • string GetDisplayName(string userID) - returns display name for the user
  • bool IsInRole(string role) - returns true if current user is assigned to a particular role
• Add this line to the <appSettings> element in the web.config file referencing your newly created class:
  <add key="ElasticWCM_Extensibility_EwcmUserManager" value=" MyNameSpace.MyCustomUserManager, MyAssembly, Version=1.0.0.0, Culture=neutral, PublicKeyToken=123456dd7890b4ab "/>

This is it! Now when you login you'll be able to manage content on the web site.

Next step is to add PageToolbar control to the Master Page and Content Controls to site pages.