Message of the day:
Welcome to SilverStripe | Current stable: https://goo.gl/C4F1T9 | Feature requests: https://goo.gl/EcQ34L | Community Forum: https://forum.silverstripe.org | StripeCon EU 2019! https://stripecon.eu
If you have any SilverStripe related questions, please supply the version of Framework you're using.
Did you flush? 🚽
I think I should relax a little for this one.
Sweet guys. Thanks. Interesting topic. For this customer my caution is probably overkill and based on past clients where security is equally over the top. (min 12 char passwords expiring every 60 days anyone?).
It's good you think about this stuff!
I'll be a bit clearer perhaps.
You're not wrong to be cautious.
But diminishing returns can easily come from following this route.
You can plug in the SAML or LDAP authenticators and use that for CMS access. But it's still someone logging in
Well one could also say that it's also impossible for properly configured permissions to confer CMS authentication upon users modelled within the
I'd suggest that perhaps a corporate site might use a corporate user access control system, like Active Directory.
one needn't log out then log back in with a different account.
Technically we don't have to use Member. It just saves a lot of work to do so. We created a large site for a corporate that uses a customer object to keep CMS and frontend users logically different. In that case, it's actually impossible for the frontend user to access the CMS. Impossible to make the mistake
That's the same for any system though @Aaron Cooper -
sudo allows a normal user to become an admin, etc.