Goodbye 2006, Welcome 2007

2006 has been an exciting year for content technologies. Based on some of the interesting happenings, the following themes (in no particular order) have emerged that might have an impact on this space in coming years:

  1. Standards: or the lack of them was evident. Although portal standards (JSR-168, JSR-286) have done well, content management standards (JSR-170, JSR-283) have not done that well. Alfresco, Magnolia, Day and eXo support JSR-170 and there have been occasional talks of JSR-170 connectors for other products (e.g., BEA supports this using Day’s connectors). However, I think the acceptance has been below my expectations. Continue reading “Goodbye 2006, Welcome 2007”

Enterprise Content Management and Security

James Governer and Alan have written posts about ECM and security. The problem that many of these products implement their own security model instead of using external security products is not limited to just ECM products. I’ve seen some portal products also that have their own security model.

Most products in this space actually claim that they can integrate with external security products. However, when you dig deep, you will find out that this integration is limited to authentication. It’s quite easy to use an external LDAP that stores userid and password against which authentication can be done. But when it comes to authorization, these products need fine grained permissioning mechanism (Alan gives an example of 57 different permission levels!). One needs to store permissions for different assets, sometimes even for different fields of an asset, on different versions of assets and so on and in that sense, the security mechanism is quite closely coupled with the content management system (or portal as the case may be).

Having said this, I think it would be a good idea to decouple features like security and externalize them. But many of the product vendors use this as a differentiator and previous experience shows that it is easier said than done to get vendors agree on using common standards.