Basic Authentication

The Repository Stack does not store passwords in clear text. Therefore, you need to generate your own hash, to be entered inside the stack’s settings.

You can generate new standard bcrypt hashes here. You should enter the password of your choice in the “Password” field. Then click “Generate Hash”.

Enter the generated hash key into the Repository Stack 2 settings, and then use the password you chose to sign into the Repository control panel.

To log in to the user interface, you must use the password you used to generate the hash key. The hash itself will not work for log in.

Stacks Image 462

UserAccess Integration

When selection UserAccess integration, you are able to define a client and an admin group.

  • Logged in users must be members of the client group in order to see the Repository Stack 2. If the client group setting is empty, all logged in users are able to see the the content.
  • If the logged in user is member of the admin group, he does not be part of the client group any more. If the admin group setting is empty, all logged in users are administrators.

Difference between administrators and clients:

  • If enabled, dynamically subfolders are created (below the installation directory) after a client performed a log in, based on the client's username.
  • For clients, a special permission set is available (see permissions).
  • Administrators will see all client subfolders inside the installation directory and have another set of permissions available.

With this, it is possible to have one Repository Stack 2 page for administrators and clients, where clients have another permission set than administrators, and where clients only are able to maintain their own files and not the files of other clients.

Stacks Image 464

Sitelok Integration

For a Sitelok integration, an installed Sitelok application and license is required. The Sitelok install path should not be changed, unless the RapidWeaver project where Repository Stack is used in is not installed in the server root, or when Sitelook is not located in its default install path. You are able to define a user group, which is required for the logged in Sitelok user. No additional stacks or settings are required.

Stacks Image 466

Further Security Considerations

Choose a random username and password.

Do not show the page with Repository Stack 2 inside the navigation.

Only enable these functions, which you are really sure you want the user of the stack to be executed.

Repository Stack 2 does not password protect the uploaded files. The password is only used for the user interface. Password protection of files can be done via .htaccess password protection.

< Previous Post
Next Post >