DotNetNuke offers a fairly robust method for dealing with permissions and controlling the tasks a particular user is allowed to perform. It does this with a roles-based security module, where every page and module in the application is assigned roles that determine what the user is allowed to do within the context of the application. You have the option of setting permissions at several levels within the portal. A user may be allowed access to edit certain modules or be given access to edit the entire page, as you deem necessary. These functions also apply to viewing a module's content or a specific page. Basically, all you need to do is create the necessary security roles and assign the permissions you want that role to perform to the module or page. After you have the roles and permissions defined, you can then place your users in the appropriate role, which will allow or restrict their access based on those permissions. This allows very granular control over the actions of users in your portal. At the time of this writing, versions 4.0 and 3.2 also included functionality that allows the use of an Active Directory user base within your portal. Chapter 4 has more information.