Sitefinity takes full advantage of the .NET role based security by providing a powerful interface for managing users and roles. Sitefinity even allows you to use multiple membership/role providers in a single application. For example, you can implement the SQL providers to validate user credentials and manage profiles and roles as well as passwords and e-mail addresses of your registered ‘public’ users; and at the same time, you can use the Active Directory membership and role providers to grant permissions to your internal network users for the CMS backend.
The main purpose of every CMS is to ensure that new or modified content does not go live immediately but rather passes through a process of approval. Sitefinity has a robust workflow mechanism, supporting different states of the workflow process. It can be easily enabled and disabled, as well as applied on both content and pages level. Users can coordinate the different roles throughout the content management process to guarantee accuracy in public content.
Sitefinity supports security socket layer (SSL) protocol and its use on page level. All information that is transmitted between the visitor browser and the web server is encrypted.
Sitefinity can operate in a partially trusted environment. It gives server administrators the flexibility to set execution permissions on assemblies and tailor them to their needs.
The Personalization module allows for saving system and
module settings per user. Once the content publisher, for example, logs in, he/she
may press My Preferences link and alter the settings for page visualization. There are different personalization options, such as:
setting a specific part of the Sitefinity administration as home page; dashboard
settings – classic or overlay visualization; displayed items per page, etc.
Personalization of Sitefinity can be categorized by:
Modules – the personalization framework will
persist the personalization setting of the module, load, and apply it in the
consequent visit of that user.
System – the personalization will be applied to
the whole system instead to a single module.