Can Joomla CMS succeed in an enterprise environment?
That was easy enough, but I suspect most of you want to know why I think Joomla might be appropriate for enterprise use.
What are some basic needs?
- Centralized user authentication
- Granular access control
- Logging and Auditing
- Advanced Content taxonomy and versioning
- Pleasing & mobile-friendly front-end design
- Easy administration, maintenance and updates
- The list goes on...
How can Joomla meet these requirements?
First, let us keep in mind that Joomla is built on a highly-extensible platform. Out-of-the box, the basic components of a CMS are there, but with a few well-chosen extensions, Joomla can challenge any commercial CMS.
The core Joomla CMS includes a easily configurable LDAP login authentication plugin. When enabled, it allows Joomla to query and LDAP source (even Active Directory) to create local accounts and dole out permissions. While this basic functionality solves the problem of centralizing logins, it does not extend LDAP security groups into the CMS. For that we have to turn to 3rd party exentions.
Granular Access Control
The best LDAP extension I have found for Joomla is JMapMyLDAP by Shaun Maunder.
Included features (from his website):
- LDAP Group Mapping to Joomla Groups
- LDAP profile plugin to sync extra fields to and from LDAP
- Password plug-in to save passwords to LDAP
- User creation and deletion to and from LDAP
- Administration component for debugging and setting up plugins
- Logging for debugging and audit tracking through SHLog
- Single Sign On (SSO) with HTTP
- Tested with Active Directory, eDirectory and OpenLDAP
- Free, non-commercial, open source and licensed under the GNU GPL
- Current requirement is Joomla! 2.5+ or Platform 12.1+
Admittedly, anyone configuring this collection of plugins should be well versed in LDAP and Active Directory security groups (along with scoped service accounts). Once configured, the functionality one can get out of this combination is fantastic! Imagine being able to map any Active Directory security group to locally defined permissions groups, thereby doling out granular access control to any content, module display, site admin or any other type of 3rd party extension permissions (so long as the follow the standard Joomla 3.x+ ACL).
You could, for example, install Kunena forum, lock down access to categories by Joomla groups and map those groups to Active Direct security groups through JMapMyLDAP. You now have an "enterprise ready" forum, ready to securely service all your employee or clients needs!
Logging and Auditing
This tool provides advanced user access analytics & auditing of management tasks. While this is not a replacement for server-level access & error log monitoring, it does provide an easily accessible interface for admins to check on who logged in when and what system-level changes were made to the website.
Content taxonomy and versioning
Joomla provides advanced categorization and tagging capabilities for content creation. Tags are managed by a dedicated component, allowing you to create and edit them, separate from content, without breaking tagged relationships.
Joomla 3.x introduced us to built-in content versioning. Joomlart has great tutorial on this subject which you can checkout here:
Beyond the core Joomla Content component, uses can also take advantage of excellent 3rd party components, like:
Over the years, Joomla has benefited from an immense 3rd party marketplace of excellent templates sporting the latest advanced in modular, responsive and multi-device-compatible design. Trusted template providers include:
Administration and Maintenance
Joomla provides and excellent administrative interface suitable for both site admins and basic content managers. With Joomla 3.x, the admin interface becomes responsive, able to accommodate allow browser dimensions and use cases, from desktop to tablet to mobile.
From an enterprise perspective, it is the granular ACL which really shines here. With proper tuning, an admin can selectively restrict access to a various components and capabilities, matching-up permissions with local user groups. Combined with tools like JMapMyLDAP, the Joomla administrative backend can inherit permissions via Active Directory security groups, allowing the developer to offload access requests to other support teams.
Due to Joomla's built-in updater and modular architecture (breaking out extensions into components, modules & plugins), maintenance tasks are usually only a few clicks away.
Beyond the CMS itself, there are also inherrant advantages with the LAMP (Linux, Apache, MySQL, PHP) infrastructure upon which Joomla sites are built. A CentOS web server deployed in vSphere is easy to manage, clone*, backup and restore. With some skill, a systems engineer might create a MySQL cluster or a collection of load-balanced front-end servers attached to a single database server (more to come in an upcoming article!).
*Quick note on copying Joomla sites and changing domains:
Those of you who manage Wordpress sites know that the domain is configured within the wp_options table (in a couple different rows) in the option_value field. Copying a Wordpress site and changing the domain usually requires manual intervention by embedding a code snippet in wp-config.php and also searching/replacing instances of the old domain in other tables.
Joomla is immune to domain name changes since it does not store a hard-coded domain and local URLs are stored with relative paths.
Joomla as an API Service
With the release of cAPI Core v1.1, any Joomla website can be converted into a JSON REST API service backend!
How is this different?
We built a pluggable API architecture for Slim and wired it into Joomla so you don't have to!
Want token authentication AND native login? Granular access control? Dynamic API rate throttling? Easy extensibility? Done, done and done!.
Extend functionality with plugins
Take advantage of our growing library of API service routes plugins. Monthly release expand functionality interfacing with and servicing external resources, securely.
Save your application servers
Built-in API rate throttling can be configured globally or an a per-token basis. Provides intelligent feedback which API consumers can use to proactively throttle requests *before* hitting hard limits.
Control access without the hassle
Leverage Joomla's robust ACL to control access to any add-ons, routes or request-types. Expert users can leverage Joomla's pluggable authentication architecture to open up corporate middleware and SSO capabilities.
(purchase here to download)
Based on my experience, I can safely say that Joomla is exceptionally well poised to meet most businesses CMS needs. While there are many potential, specific use cases, the Joomla CMS can work as an excellent company intranet or customer-facing portal. It can also work well as an adjunct to Sharepoint, providing an attractive, easily-updatable corporate facade with login-access to low-stakes content. Due to the highly portable nature of the LAMP hosting environment, Joomla can be easily deployed locally, replicated to the cloud (Amazon, Rackspace, a co-lo, etc.) and supported by a CDN as well as DDoS & BotNet protection.