Difference: RBSSetupSetConfiguration (1 vs. 4)

Revision 42016-09-12 - JeanNeron

Line: 1 to 1
 
META TOPICPARENT name="520RoleBasedSecurity"

Setting RBS Configuration

Line: 21 to 21
  Status: Active/Disabled. Controls whether RBS or normal Appx security is active. If 'Active', then RBS rules are enforced. If 'Disabled', then normal Appx security applies. Note that the setting take affect for new logins as soon as you click 'Save'. If you have not completed all the set up steps before clicking 'Save', then users logging on may be denied access, depending on your other settings here.
Added:
>
>		NOTE: Role Based Security is NOT enforced when running processes directly via Option 99 from within Application Design.
 Multi-Role: Disabled/Select/Combine. Disabled means a user cannot belong to more than one Role at at time. This is enforced during 'Security Hierarchy Maintenance'. You may want to set this during initial setup, while still leaving the Status at 'Disabled'. Select means the user can belong to more than one Role at a time, and they will be prompted for which Role they want to use when they log on.
Combine - means the user can belong to more than one Role at a time, and the permissions from all Roles will be combined. In this case, the following rules apply:
- For process/file/field security, if any Role would allow access, then access is granted.
- For Inactivity, if any Role would allow the user to log on, then log on will be allowed.
- For Timeout, the longest Timeout period of any Role will be used.

Revision 32012-11-06 - JeanNeron

Line: 1 to 1
 
META TOPICPARENT name="520RoleBasedSecurity"

Setting RBS Configuration

Line: 15 to 15
  When you select this option, you will see the following screen:
Changed:
<
<
>
>		config.png
  The settings are as follows:
Line: 33 to 33
 
<--/commentPlugin-->

-- JeanNeron - 2012-10-31

Added:
>
>
META FILEATTACHMENT attachment="config.png" attr="h" comment="" date="1352243865" name="config.png" path="config.png" size="52466" user="JeanNeron" version="1"

Revision 22012-11-05 - JeanNeron

Line: 1 to 1
 
META TOPICPARENT name="520RoleBasedSecurity"

Setting RBS Configuration

Line: 15 to 15
  When you select this option, you will see the following screen:
Changed:
<
<
>
>
  The settings are as follows:

Status: Active/Disabled. Controls whether RBS or normal Appx security is active. If 'Active', then RBS rules are enforced. If 'Disabled', then normal Appx security applies. Note that the setting take affect for new logins as soon as you click 'Save'. If you have not completed all the set up steps before clicking 'Save', then users logging on may be denied access, depending on your other settings here.

Changed:
<
<		Multi-Role: Disabled/Select/Combine. Disabled means a user cannot belong to more than one Role at at time. This is enforced during 'Security Hierarchy Maintenance'. You may want to set this during initial setup, while still leaving the Status at 'Disabled'. Select means the user can belong to more than one Role at a time, and they will be prompted for which Role they want to use when they log on.
Combine - means the user can belong to more than one Role at a time, and the permissions from all Roles will be combined. In this case, the following rules apply:
- For process/file/field security, if any Role would allow access, then access is granted.
- For Inactivity, if any Role would allow the user to log on, then log on will be allowed.
- For Timeout, the longest Timeout period of any Role will be used.
>
>		Multi-Role: Disabled/Select/Combine. Disabled means a user cannot belong to more than one Role at at time. This is enforced during 'Security Hierarchy Maintenance'. You may want to set this during initial setup, while still leaving the Status at 'Disabled'. Select means the user can belong to more than one Role at a time, and they will be prompted for which Role they want to use when they log on.
Combine - means the user can belong to more than one Role at a time, and the permissions from all Roles will be combined. In this case, the following rules apply:
- For process/file/field security, if any Role would allow access, then access is granted.
- For Inactivity, if any Role would allow the user to log on, then log on will be allowed.
- For Timeout, the longest Timeout period of any Role will be used.
  Default Access Processes/Files/Fields: This controls if access is granted or not for unsecured items. An unsecured item is one that does not have an ACL record at any level (Database, Department, Workgroup, Role and User). This would typically be objects that have been added since the 'Create Access Control List' was run.

Revision 12012-10-31 - JeanNeron

Line: 1 to 1
Added:
>
>
META TOPICPARENT name="520RoleBasedSecurity"

Setting RBS Configuration

The final step in setting up RBS is to set the configuration parameters.

Overview:

The Parameter file for RBS controls various aspects of how RBS will operate.

This is the 'Security Configuration' option on the 'Security' tab of the RBS menu.

Description:

When you select this option, you will see the following screen:

The settings are as follows:

Status: Active/Disabled. Controls whether RBS or normal Appx security is active. If 'Active', then RBS rules are enforced. If 'Disabled', then normal Appx security applies. Note that the setting take affect for new logins as soon as you click 'Save'. If you have not completed all the set up steps before clicking 'Save', then users logging on may be denied access, depending on your other settings here.

Multi-Role: Disabled/Select/Combine. Disabled means a user cannot belong to more than one Role at at time. This is enforced during 'Security Hierarchy Maintenance'. You may want to set this during initial setup, while still leaving the Status at 'Disabled'. Select means the user can belong to more than one Role at a time, and they will be prompted for which Role they want to use when they log on.

Combine - means the user can belong to more than one Role at a time, and the permissions from all Roles will be combined. In this case, the following rules apply:
- For process/file/field security, if any Role would allow access, then access is granted.
- For Inactivity, if any Role would allow the user to log on, then log on will be allowed.
- For Timeout, the longest Timeout period of any Role will be used.

Default Access Processes/Files/Fields: This controls if access is granted or not for unsecured items. An unsecured item is one that does not have an ACL record at any level (Database, Department, Workgroup, Role and User). This would typically be objects that have been added since the 'Create Access Control List' was run.

Comments:

Read what other users have said about this page or add your own comments. 


<--/commentPlugin-->

-- JeanNeron - 2012-10-31

View topic | History: r4 < r3 < r2 < r1 | More topic actions...
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback