Administering the security of a website is an important part of a content manager's job. In fact, as the site becomes more sophisticated and more interactive, security becomes crucial.
Unfortunately, most Web platforms make administering security difficult. First, HTML and graphic files might have their security tied to the operating system, but their user database is off-limits for the content manager. Secondly, the commands used to modify security are quite cryptic and thus too complex for most content managers. Finally, data that is dynamically delivered, for instance by CGI scripts and database logins, introduce a host of new headaches concerning users and permissions.
Site managers also have a hard time being responsive. How much control will be given to the content manager? Will giving the content manager a login unacceptably lower security? What policy is followed when the content manager wants a login for his customers? How much work will be involved in deleting the customer and all the tendrils that have spread throughout the platform?
Zope security was designed to address these content and site manager's issues. Additionally, the security model leverages the unique features of Zope to mirror unique Web business models.
Next Chapter | Up | Next Section | Contents