When designing a security system, the simplest method is to list every user individually and then nominate the pages each user can access. While this is possible, it is not the most efficient. The security system therefore allows you to create user 'groups', since the users in a group will generally need the same access. A simple example is an 'administrator' group, which would have access to creating and removing users and to managing the security system; 'everyone else' would have access to all the other pages.
Step 1: Create Users
The first step is to create the individual users using the 'add user' facility.
Note: you need to create the users here even if the user accounts have already been created manually.
Step 2: Create groups
Next, you need to create the individual groups. As a minimum, it is recommended that you create an 'administrator' group. You can create as many groups as you like.
A group will have access to a specific set of web pages (defined later).
Step 3: Associate users to groups
You need to put users into groups. In this way, when security settings are defined for a group, all users within that group 'inherit' those settings.
A user can belong to any number of groups, from zero up to all of the groups that have been defined. A user who is in no group will only be able to see the 'open access' pages; a user who belongs to a group will see all 'open access' pages plus any pages that group can see.
Step 4: Forms access
The last stage is to enter the forms (web pages) that are visible to a group.
If a page is not mentioned here, it is deemed 'open access', and anyone with a valid login and password into the system can access the page.
If a page is associated with one or more groups, that page will then only be available to those groups.
When adding an entry to the forms access, you are prompted with two pull-down menus: one lists the groups, and the other lists the page name (as it appears in the address bar) together with a description.
Note: if you restrict access to data entry/edit pages (usually having '_DE' at the end of the name), the system will still allow access to these pages, but in a 'view only' mode.
Recommended security settings
If you do not have any security settings, I would recommend the following (please adapt and expand as appropriate).
Users:
- 'root' - this is the master user
Groups:
- 'administrators' - this group has access to the security system
Group memberships:
- 'root' should be a member of the 'administrators' group
Forms access:
- The following forms should only be available to the 'administrators' group:
  - add_user
  - remove_user
  - USERS
  - USER_GROUPS
  - USER_MEMBERSHIPS
  - USER_RESTRICTED
  - global preferences
It is advisable to create a second user that does not belong to any group and therefore can only access the open-access pages. This user would be used under normal circumstances.
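As an added example (not part of the original documentation or the product's own code), the following Python models the four steps and applies the Step 4 rules, including the '_DE' view-only behaviour, to the recommended settings above. The class, the second user 'daily' and the page 'ORDERS_DE' are assumptions for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass, field

@dataclass
class SecurityConfig:
    users: set[str]                                   # Step 1: known logins
    groups: set[str]                                  # Step 2: defined groups
    memberships: dict[str, set[str]] = field(default_factory=dict)  # Step 3: user -> groups
    forms_access: dict[str, set[str]] = field(default_factory=dict)  # Step 4: page -> groups

    def decide(self, user: str, page: str) -> str:
        """Return 'full', 'view-only' or 'denied' for a user opening a page."""
        if user not in self.users:
            return "denied"                       # no valid login
        allowed = self.forms_access.get(page)
        if not allowed:
            return "full"                         # unlisted page: open access
        if self.memberships.get(user, set()) & allowed:
            return "full"                         # access inherited from a group
        if page.endswith("_DE"):
            return "view-only"                    # restricted data-entry page
        return "denied"

    def locked_out_pages(self) -> set[str]:
        """Restricted pages whose groups have no members: nobody gets full access."""
        populated = set().union(*self.memberships.values())
        return {p for p, g in self.forms_access.items() if not (g & populated)}

# The recommended settings from the page, plus a constructed second user
# ('daily') with no group and a hypothetical restricted data-entry page.
ADMIN_PAGES = {"add_user", "remove_user", "USERS", "USER_GROUPS",
               "USER_MEMBERSHIPS", "USER_RESTRICTED", "global preferences"}

config = SecurityConfig(
    users={"root", "daily"},
    groups={"administrators"},
    memberships={"root": {"administrators"}},
    forms_access={page: {"administrators"} for page in ADMIN_PAGES},
)
config.forms_access["ORDERS_DE"] = {"administrators"}  # hypothetical page name

if __name__ == "__main__":
    for user, page in [("root", "USERS"), ("daily", "USERS"), ("daily", "reports"),
                       ("daily", "ORDERS_DE"), ("guest", "reports")]:
        print(f"{user:6} {page:18} -> {config.decide(user, page)}")
```

The `locked_out_pages` check catches the common mistake of restricting a page to a group that nobody has been added to yet.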