Versions Compared

Old Version 5

changes.mady.by.user Former user

Saved on

compared with

New Version 6

changes.mady.by.user Nicolás Palombo

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Wiki Markup
{scrollbar}

----
h2. Adding Roles in O3 Server.

Access assignment in O3 Server is performed on the roles instead of assigning them directly to the users.

Adding users as actors in each role, is how the user acquires the required access permissions. This simplifies the security scheme and facilitates its administration.

In addition to this, in order to support complex security schemes, it is possible to define _Parametric_ and _Instance_ roles, in which users/actors are automatically defined from their attributes.

To add a role:
# Start O3 Server Administrator.
# Expand the Services \| Security branch in the Administration Tree.
# Click on the _Roles_ Tab in the Properties Pane.
# Click on the New button, located below the _Roles_ area which contains the list of defined Roles.
When clicking a new role will be added to the list under the name _New Role_.
The Roles tab also contains three sub-tabs: General, Actors and Attributes, in which the properties of the role selected from the list are grouped.
# Click on the General tab of the new role and enter at least the role name.
# Click on the Apply button in the General Tab to confirm the new role.
Then click on the Apply button located at the bottom of the Properties Pane to confirm all security changes made.
!O3ServerAdministrator-Security-Roles.png|align=center!\\,vspace=10,hspace=10!

h2. Adding Users to an O3 Server.

\\

For a user to acquire access, it is necessary to add them as actor in a role. As access is performed on roles and not directly on users, it is necessary for all users to play at least one role.

In the same way you add users to a role, you may add a group of users to a role.

To add a user as actor in a role:
# Start O3 Server Administrator.
# Expand the Services \| Security branch in the Administration Tree. 
# Click on the Roles Tab in the Properties Pane.
# Click on the role you wish to add user to. The Roles area contains a list of defined roles and is located to the right of the tab.
# Click on the _Actors_ Tab. This tab is contained in the _Roles_ tab and contains a list of defined actors in the selected role.
# Click on the _Add_ button in the Actors tab and a new window with the list of defined users and groups will pop up.
At the top of this window you may carry out a filtering by name.
# Select the user or group to add to the role in the window.
If no users or groups appear in it, click on the search button located at the top of the window.
# Click on the _Apply_ button in the _Actors_ tab. 
There are three _Apply_ buttons in this Properties Pane.
The one in the _Actors_ tab confirms the added actors; the one in the _Roles_ tab confirms changes made to the selected role and the third _Apply_ button  is located at the bottom left of the Properties Pane and confirms all changes made to security settings.
 
!O3ServerAdministrator-Security-Roles-UserAssignment.png|align=center,vspace=10,hspace=10!

h2. Adding or Updating attributes in an O3 Role.

Just like in the case of users, the definition of attributes at role level enables a greater refining of security settings.

For instance, by using the  _getRolValue()_ function, you may obtain the value assigned to an role's attribute a user is an actor in.

To add a user as actor in a role:
# Start O3 Server Administrator.
# Expand the Services \| Security branch in the Administration Tree.
# Click on the Roles Tab in the Properties Pane.
# Click on the role in which you wish to add or update attributes.
The _Roles_ area contains a list of defined roles and is located to the right of the tab.
# Click on the _Attributes_ tab. This tab is contained within the Roles Tab and displays a list of the attributes defined for the role.
# To add a new attribute, press the _Add_ button in the _Attributes_ tab and a new attribute will be added to the list.
The following information must be completed for the new attribute:
###* Name. It is the name of the attribute that will be used to refer to the value assigned to the user.
This name is used, for instance, as a parameter in the _getRolValue()_ function_.\_
##
#* Type.It is the type of attribute, and can be String, Date, Time o Boolean
###* Value: The value assigned to the new attribute for the role.
For instance, this value is returned by the _getRolValue()_ function.
# To update an attribute, you must select the it on the list and modify its name, type or value.
# Click on the Apply button in the _Attributes_ tab  to confirm the changes made to attributes.
Then, click on the Apply button in the Roles tab to confirm the changes made to the Role and finally click on the Apply button located at the bottom of the Properties Pane to confirm all teh changes made to the security settings.

h2. Deleting a Role from O3 Server

When, for any given reason, a role is no longer required, it is advisable to delete it  from the O3 Server list of roles to prevent confusion and simplify the shcheme.

To delete a Role from O3 Server:
# Start O3 Server Administrator.
# Expand the Services \| Security branch in the Administration Tree.
# Click on the Roles Tab in the Properties Pane.
# Click on the role you wish to delete. The Roles area contains a list of defined roles and is located to the right of the tab.
# Click on the Delete button, located below the list of defined roles.
Then, click on the Apply button located at the bottom of the Properties Pane to confirm all changes made to security settings.

----
{childrenscrollbar}
{scrollbarchildren}