1 / 28

Content Management intern

Content Management intern. „CMS“ definition.

simone-hubbard
Télécharger la présentation

Content Management intern

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Content Management intern

  2. „CMS“ definition quotation:Unter Content Management wird die systematische und strukturierte Beschaffung, Erzeugung, Aufbereitung, Verwaltung, Präsentation, Verarbeitung, Publikation und Wiederverwendung von Inhalten (Content) informationstechnisch vorgehaltener Informationen verstanden. (Rothfuss/Ried „Content Management mit XML“2001)

  3. Overview • CMS classification • WebCMS classification • WebCMS components in detail • Operating and migration considerations • mid size vs. enterprise CMS comparison • CMS customization example

  4. CMS classification Typical cms groups are: • Website-CMS (WebCMS, WCMS) • Document Management Systems (DMS) • MAM (Media Asset Management Systems) • Portal Systems

  5. WebCMS classificationby size / usage • Small systems ( „small-business“, „lite“ ) • Midsize systems • Huge systems („enterprise“)

  6. CMS, technical viewenvironment, programming languages • Web Server • Programming Language • Database System • Content, Content Storage, Content Objects • Content Life Cycle • Rights Management • Content Output

  7. Web Servers • Common Web Servers (i.e. Apache, IIS) are typically used as CMS environment • enterprise level CMS sometimes use own web servers which are dedicated to deliver database-held content • some CMS use application server environments (ColdFusion, ...)

  8. Programming Languages • small and midsize CMS must integrate easily into common web environments. => common scripting languages are used • Use of new technologies such as J2EE enables building of large-scale eCMS

  9. Databases • CMS must use common relational databases for easy setup and integration into existing environments • However, CMS content is mostly organized in object-oriented or XML-form => Content is mostly stored in RDBMS, but some CMS use their own or application server‘s mapping for (xml|oo)<->rdbms

  10. Content • To achieve Separation of content and presentation , documents have to be split into small pieces, like media elements or text paragraphs. • this results in a hierarchical structure of content elements, with layout elements (i.e. html templates) corresponding to sets of content elements • The structure‘s depth varies among different CMS, typical depths are:- 1 (results in one big editor per page)- 2 („container“-based editing )- ∞ (object-oriented systems)

  11. Content Life Cycle The content lifecycle consists of these 5 steps: • Creation / import • review / editing • validation • publishing • archiving (includes deletion) Every CMS implements these steps, although some systems combine some of them into one workflow step.

  12. Rights Management • applies to multi-user CMS • content elements and/or hierarchical elements (i.e. folders) can be assigned access rights • typically rights are split into create / modify / publish / delete [ / rights manage ] rights. • easy system setup can be achieved with preconfigured roles.

  13. Output • Staging the CMS‘s renderer ist not accessible from the internet, web pages are therefore delivered to a normal web server. The user accesses a static export of the web site. • Live Rendering The requested web pages are rendered on the fly and directly delivered from the CMS to the user.

  14. staging vs. live rendering IStaging + Good performance, as only normal html-pages are delivered. Especially no database bottlenecks + good scalability because the static web site exports can easily be replicated to other servers + high security because the CMS can never be compromised • can only manage „normal“ web sites, cannot manage dynamic pages (i.e. forums, communities, feedback forms, personalization) • content can be updated only in configured intervals • CMS cannot help with web site statistics

  15. staging vs. live rendering IILive Rendering + Possibility to maintain full-scale Web Applications / dynamic Web Sites + detailed statistics possible (i.e. click paths) • low performance, especially for sripting language CMS • scalability hard to establish • additional security measures must be established in order to guard the CMS

  16. Content Import, Export • Content migration between most CMS is nearly impossible because of fundamental differences in the content hierarchy • list-based im-/export of content fragments (articles, container) is often possible • xml-based formats are commonly used for lossless export of DB-held content

  17. Export considerations these content groups can be exported and may be imported in another System: • Pages (page hierarchy) • Page Contents (to be imported as separate Containers in case of different content storage hierarchies) • Ressources (Media Assets) • User / Group / Role Lists

  18. Interfacesexternal databases There are two ways of accessing external DBMS from cms: • direct acces via template programmingCode to access the DB is directly placed in template, and is executed during the rendering process (live cms) or on the staging web server • access through data source abstractiondata source is defined to the CMS‘s abstraction layer and can afterwards be accessed with common CMS functions

  19. InterfacesContent Syndication • Content Syndication means considering (own) content (-elements) as assets which can be used in different web sites • CMS can assist in delivering content to other web sites or integrating external content • xml-based formats for article import and export exist, for example NITF

  20. CMS, technical viewexample I

  21. CMS, technical viewExample II

  22. Customization ExampleAdding external user authentication Two strategies to use external user databases for CMS: • Periodically import user/group information from external sources • Drop internal user management, directly use external source instead for all requests

  23. LDAPLeightweight Directory Access Protocol LDAP: Access protocol for directory service databases (X.500) defined in RFC1777 Directory Service: • Database for attribute-based records (name-value pair lists) • Record groups are organized in trees

  24. LDAPTest Setup This .ldif-File represents one x.500-entry for testing purposes. The original object class InetOrgPerson has been extended by cms-specific fields hans_meiser.ldif: dn: mail=hans@test.de,o=test,c=de,dc=de objectclass: MyInetOrgPerson cn: Hans Meiser mail: hans@test.de uid: hans passwd: geheim cmsgroup: user sn: nix telephoneNumber: 01234 / 5678 -90

  25. WCMS user authentication • using Web-based CMS means requesting independent web pages • web page context is a common Session, identified by a session id • When a user logs in with username and password, his user data and rights info are added to the current session object. • User authentication means: session_id, username and password in, userdata-added session or user_id from which data is to add out.

  26. <? /* External user authentication API in: $username byref in: $password (plain) byref out: $valid = 0|1 out: $uid (system_user PK) */ // Example: Call external program to validate user $cmd = "(echo \"$username\"; echo \"$password\") | /home/sayn/pwtest"; $p = popen($cmd, 'r'); while( !feof($p) ) $ret .= fread($p, 1024); pclose($p); $ret = explode( "\n", $ret ); if( $ret[0] != 'OK' ) { $valid = 0; } else { // Search for given username in CMS user DB $all = db_query( "SELECT * FROM system_user WHERE username=\"$username\"" ); if( $row = mysql_fetch_assoc( $all ) ) { if( $row['disabled'] ) { // found but disabled? Login not allowed! $valid = 0; } else { // user found, return user_id $uid = $row['id']; } } else { // Username is valid but not known in local DB: // insert user record. // Password remains empty => login without external authentication will not be possible db_query( "INSERT INTO system_user " . "SET username=\"$username\", realname=\"$username\", created=NOW()" ); $uid = mysql_insert_id( ); db_query( "INSERT INTO system_user2group SET user=$uid, in_group=1" ); } $valid = 1; } WCMS User AuthenticationExample Code Fragment

  27. WCMS User Authenticationusing LDAP // Example: lookup userdata in ldap directory $ds=ldap_connect("localhost", 389); ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3) // Set PRotocol to LDAPv3 $r=ldap_bind($ds); // anonymously bind for read-only access // Lookup username in directory // in this example, users should log in with their email address $sr=ldap_search($ds, "o=test, c=de, dc=de", "mail=$username"); // Authentication is only possible if search returned one item if( ldap_count_entries($ds, $sr) != 1 ) { $valid = 0; } else { $info = ldap_get_entries($ds, $sr); $username = $info[0]['uid'][0]; // plain text password comparison. Remember, this is just an example if( ( $password=='' ) || ( $password != $info[0]['passwd'][0] ) ) { $valid = 0; } else { ...

  28. other LDAP integration • associate user groups to ldap subtrees • use host system user authentication as abstraction (see example 1) • certificate-based authentication (user logs on with ....)

More Related