Chapter 12. Security and control
This chapter covers
- ACLs and policies
- Retentions and holds
This chapter looks into different security- and control-related aspects of CMIS. It starts with some general security considerations and hints for web application developers. We’ll then cover authenticating users. The chapter also addresses authorization, ACLs, and policies, and finally it skims through retentions and holds.
12.1. General security considerations
Many CMIS repositories contain confidential data. It’s the repository’s task to protect this data. It has to check the user’s credentials and figure out what this user is allowed to see and do. CMIS is only the transport vehicle for that data and responsible ...