Home > Articles > Web Development > Content Management Systems

  • Print
  • + Share This
Like this article? We recommend

Parting Thoughts

The goal of this solution was to provide an example that's easy to implement and carries very little overhead. However, there are some issues I didn't cover, of which you need to be aware:

  • Authenticating users on CMS is a challenging endeavor. Since CMS doesn't presently have an application-level API, there's no easy way to pass authentication information from the PC to the server without doing so in a very insecure way (clear text). This solution uses an impersonation methodology to partially avoid this security issue. However, impersonation has its flaws as well. You should choose a method that fits your organization.

  • The process of saving a Word document to one spot and then the other may seem a bit redundant. However, it was easy to implement and saved us from having to copy files. Further, it provided a straightforward process to abstract the name of the file, to prevent two users overwriting each other's work.

  • Out of the box, web shares are not the most secure mechanisms. However, if the proper precautions are taken, they can be implemented securely; in this example, the share used was set to permit writes only (no read access) and no execute permissions. An alternative approach would be to use a form post and a binary write of the post data on the server. This is slightly more complicated to implement, but potentially more secure. Again, you should choose the implementation that works best for your organization.

  • This implementation requires a macro on each client machine, which translates to distributing software. This can be a significant challenge in large organizations. Further, due to the proliferation of macro viruses, Microsoft has taken steps to make distribution of macros more secure by requiring a digital signature on each macro before it will run on a client's machine. This means additional planning on your part—either changing users' security settings in Office (not highly recommended) or digitally signing your macros.

  • + Share This
  • 🔖 Save To Your Account