OFBiz OFBiz - User

User Login in set up, Minimum permission requirement

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
7 messages Options
Anil Patel
Reply | Threaded
Open this post in threaded view
|

User Login in set up, Minimum permission requirement

Anil Patel
Hi,
In the process of testing the new security implementation, I thought of
creating a new user login and assign permissions from ground up. To make
sure I am making mistakes in testing. But got stuck in process of creating
meaning full user login id.

I created a new user login "testsecurity" pwd "veryhard". user login is
Enabled,

Created a new Security Group "SECDEV" gave following permission

[WORKEFFORTMGR_ADMIN] ALL operations in the Work Effort Manager.
     [WORKEFFORTMGR_UPDATE] Update operations in the Work Effort Manager.
     [WORKEFFORTMGR_VIEW]


When I tried to login in ofbiz, I get following error.
Login for this application couldn't be completed (required permissions
missing).

I looked around to find some documentation on this but didn't get much
success. Can somebody help me in with this!

Regards
Anil Patel
Scott Gray
Reply | Threaded
Open this post in threaded view
|

Re: User Login in set up, Minimum permission requirement

Scott Gray
Hi Anil

The required base-permissions are defined in each component's
ofbiz-component.xml, workeffort seems to be missing it's base permission
"WORKEFFORTMGR" and is only allowing "OFBTOOLS".

Regards
Scott

Anil Patel wrote:

> Hi,
> In the process of testing the new security implementation, I thought of
> creating a new user login and assign permissions from ground up. To make
> sure I am making mistakes in testing. But got stuck in process of
> creating
> meaning full user login id.
>
> I created a new user login "testsecurity" pwd "veryhard". user login is
> Enabled,
>
> Created a new Security Group "SECDEV" gave following permission
>
> [WORKEFFORTMGR_ADMIN] ALL operations in the Work Effort Manager.
>     [WORKEFFORTMGR_UPDATE] Update operations in the Work Effort Manager.
>     [WORKEFFORTMGR_VIEW]
>
>
> When I tried to login in ofbiz, I get following error.
> Login for this application couldn't be completed (required permissions
> missing).
>
> I looked around to find some documentation on this but didn't get much
> success. Can somebody help me in with this!
>
> Regards
> Anil Patel
>

Scott Gray
Reply | Threaded
Open this post in threaded view
|

Re: User Login in set up, Minimum permission requirement

Scott Gray
Sorry about the double send, I thought I had cancelled the first one in
time.  The first message should say WORKEFFORTMGR and not WORKEFFORT

On 14/01/07, Scott Gray <[hidden email]> wrote:

>
> Hi Anil
>
> The required base-permissions are defined in each component's
> ofbiz-component.xml, workeffort seems to be missing it's base permission
> "WORKEFFORTMGR" and is only allowing "OFBTOOLS".
>
> Regards
> Scott
>
> Anil Patel wrote:
> > Hi,
> > In the process of testing the new security implementation, I thought of
> > creating a new user login and assign permissions from ground up. To make
> > sure I am making mistakes in testing. But got stuck in process of
> > creating
> > meaning full user login id.
> >
> > I created a new user login "testsecurity" pwd "veryhard". user login is
> > Enabled,
> >
> > Created a new Security Group "SECDEV" gave following permission
> >
> > [WORKEFFORTMGR_ADMIN] ALL operations in the Work Effort Manager.
> >     [WORKEFFORTMGR_UPDATE] Update operations in the Work Effort Manager.
> >     [WORKEFFORTMGR_VIEW]
> >
> >
> > When I tried to login in ofbiz, I get following error.
> > Login for this application couldn't be completed (required permissions
> > missing).
> >
> > I looked around to find some documentation on this but didn't get much
> > success. Can somebody help me in with this!
> >
> > Regards
> > Anil Patel
> >
>
>
Anil Patel
Reply | Threaded
Open this post in threaded view
|

Re: User Login in set up, Minimum permission requirement

Anil Patel
Scott,
Thanks for your quick response. I'll be able to find my way from here.

Regards
Anil Patel

On 1/13/07, Scott Gray <[hidden email]> wrote:

>
> Sorry about the double send, I thought I had cancelled the first one in
> time.  The first message should say WORKEFFORTMGR and not WORKEFFORT
>
> On 14/01/07, Scott Gray <[hidden email]> wrote:
> >
> > Hi Anil
> >
> > The required base-permissions are defined in each component's
> > ofbiz-component.xml, workeffort seems to be missing it's base permission
> > "WORKEFFORTMGR" and is only allowing "OFBTOOLS".
> >
> > Regards
> > Scott
> >
> > Anil Patel wrote:
> > > Hi,
> > > In the process of testing the new security implementation, I thought
> of
> > > creating a new user login and assign permissions from ground up. To
> make
> > > sure I am making mistakes in testing. But got stuck in process of
> > > creating
> > > meaning full user login id.
> > >
> > > I created a new user login "testsecurity" pwd "veryhard". user login
> is
> > > Enabled,
> > >
> > > Created a new Security Group "SECDEV" gave following permission
> > >
> > > [WORKEFFORTMGR_ADMIN] ALL operations in the Work Effort Manager.
> > >     [WORKEFFORTMGR_UPDATE] Update operations in the Work Effort
> Manager.
> > >     [WORKEFFORTMGR_VIEW]
> > >
> > >
> > > When I tried to login in ofbiz, I get following error.
> > > Login for this application couldn't be completed (required permissions
> > > missing).
> > >
> > > I looked around to find some documentation on this but didn't get much
> > > success. Can somebody help me in with this!
> > >
> > > Regards
> > > Anil Patel
> > >
> >
> >
>
>
David E Jones
Reply | Threaded
Open this post in threaded view
|

Re: User Login in set up, Minimum permission requirement

David E Jones

Yeah, like Scott said it's probably the OFBTOOLS permission you're  
missing.

The idea behind that permission is to have one that's required for  
all of the stock OFBiz applications so that it is easy to setup users  
that don't have this permission to only access your custom apps and  
such.

-David


On Jan 13, 2007, at 10:35 PM, Anil Patel wrote:

> Scott,
> Thanks for your quick response. I'll be able to find my way from here.
>
> Regards
> Anil Patel
>
> On 1/13/07, Scott Gray <[hidden email]> wrote:
>>
>> Sorry about the double send, I thought I had cancelled the first  
>> one in
>> time.  The first message should say WORKEFFORTMGR and not WORKEFFORT
>>
>> On 14/01/07, Scott Gray <[hidden email]> wrote:
>> >
>> > Hi Anil
>> >
>> > The required base-permissions are defined in each component's
>> > ofbiz-component.xml, workeffort seems to be missing it's base  
>> permission
>> > "WORKEFFORTMGR" and is only allowing "OFBTOOLS".
>> >
>> > Regards
>> > Scott
>> >
>> > Anil Patel wrote:
>> > > Hi,
>> > > In the process of testing the new security implementation, I  
>> thought
>> of
>> > > creating a new user login and assign permissions from ground  
>> up. To
>> make
>> > > sure I am making mistakes in testing. But got stuck in process of
>> > > creating
>> > > meaning full user login id.
>> > >
>> > > I created a new user login "testsecurity" pwd "veryhard". user  
>> login
>> is
>> > > Enabled,
>> > >
>> > > Created a new Security Group "SECDEV" gave following permission
>> > >
>> > > [WORKEFFORTMGR_ADMIN] ALL operations in the Work Effort Manager.
>> > >     [WORKEFFORTMGR_UPDATE] Update operations in the Work Effort
>> Manager.
>> > >     [WORKEFFORTMGR_VIEW]
>> > >
>> > >
>> > > When I tried to login in ofbiz, I get following error.
>> > > Login for this application couldn't be completed (required  
>> permissions
>> > > missing).
>> > >
>> > > I looked around to find some documentation on this but didn't  
>> get much
>> > > success. Can somebody help me in with this!
>> > >
>> > > Regards
>> > > Anil Patel
>> > >
>> >
>> >
>>
>>


smime.p7s (3K) Download Attachment
Anil Patel
Reply | Threaded
Open this post in threaded view
|

Re: User Login in set up, Minimum permission requirement

Anil Patel
Now I am confused,

I added WORKEFFORTMGR to workeffort component.

    <webapp name="workeffort"
        title="WorkEffort"
        server="default-server"
        location="webapp/workeffort"
        base-permission="OFBTOOLS,WORKEFFORTMGR"
        mount-point="/workeffort"/>


The SECURITY Group user login belongs to has permission



     [WORKEFFORTMGR_VIEW] View operations in the Work Effort Manager.
But now I am able to view all the ofbiz apps. Is it how its supposed to
work, or is it problem with how its security checks are implement and should
be changed?

Regards
Anil patel



On 1/13/07, David E. Jones <[hidden email]> wrote:

>
>
> Yeah, like Scott said it's probably the OFBTOOLS permission you're
> missing.
>
> The idea behind that permission is to have one that's required for
> all of the stock OFBiz applications so that it is easy to setup users
> that don't have this permission to only access your custom apps and
> such.
>
> -David
>
>
> On Jan 13, 2007, at 10:35 PM, Anil Patel wrote:
>
> > Scott,
> > Thanks for your quick response. I'll be able to find my way from here.
> >
> > Regards
> > Anil Patel
> >
> > On 1/13/07, Scott Gray <[hidden email]> wrote:
> >>
> >> Sorry about the double send, I thought I had cancelled the first
> >> one in
> >> time.  The first message should say WORKEFFORTMGR and not WORKEFFORT
> >>
> >> On 14/01/07, Scott Gray <[hidden email]> wrote:
> >> >
> >> > Hi Anil
> >> >
> >> > The required base-permissions are defined in each component's
> >> > ofbiz-component.xml, workeffort seems to be missing it's base
> >> permission
> >> > "WORKEFFORTMGR" and is only allowing "OFBTOOLS".
> >> >
> >> > Regards
> >> > Scott
> >> >
> >> > Anil Patel wrote:
> >> > > Hi,
> >> > > In the process of testing the new security implementation, I
> >> thought
> >> of
> >> > > creating a new user login and assign permissions from ground
> >> up. To
> >> make
> >> > > sure I am making mistakes in testing. But got stuck in process of
> >> > > creating
> >> > > meaning full user login id.
> >> > >
> >> > > I created a new user login "testsecurity" pwd "veryhard". user
> >> login
> >> is
> >> > > Enabled,
> >> > >
> >> > > Created a new Security Group "SECDEV" gave following permission
> >> > >
> >> > > [WORKEFFORTMGR_ADMIN] ALL operations in the Work Effort Manager.
> >> > >     [WORKEFFORTMGR_UPDATE] Update operations in the Work Effort
> >> Manager.
> >> > >     [WORKEFFORTMGR_VIEW]
> >> > >
> >> > >
> >> > > When I tried to login in ofbiz, I get following error.
> >> > > Login for this application couldn't be completed (required
> >> permissions
> >> > > missing).
> >> > >
> >> > > I looked around to find some documentation on this but didn't
> >> get much
> >> > > success. Can somebody help me in with this!
> >> > >
> >> > > Regards
> >> > > Anil Patel
> >> > >
> >> >
> >> >
> >>
> >>
>
>
>
>
Anil Patel
Reply | Threaded
Open this post in threaded view
|

Re: User Login in set up, Minimum permission requirement

Anil Patel
I am sorry, Please ignore what I said in last mail, I found somewhere in
process I added more security groups to the user.

Sorry again.
Regards
Anil

On 1/13/07, Anil Patel <[hidden email]> wrote:

>
> Now I am confused,
>
> I added WORKEFFORTMGR to workeffort component.
>
>     <webapp name="workeffort"
>         title="WorkEffort"
>         server="default-server"
>         location="webapp/workeffort"
>         base-permission="OFBTOOLS,WORKEFFORTMGR"
>         mount-point="/workeffort"/>
>
>
> The SECURITY Group user login belongs to has permission
>
>
>
>
>   [WORKEFFORTMGR_VIEW] View operations in the Work Effort Manager.
> But now I am able to view all the ofbiz apps. Is it how its supposed to
> work, or is it problem with how its security checks are implement and should
> be changed?
>
> Regards
> Anil patel
>
>
>
> On 1/13/07, David E. Jones <[hidden email]> wrote:
> >
> >
> > Yeah, like Scott said it's probably the OFBTOOLS permission you're
> > missing.
> >
> > The idea behind that permission is to have one that's required for
> > all of the stock OFBiz applications so that it is easy to setup users
> > that don't have this permission to only access your custom apps and
> > such.
> >
> > -David
> >
> >
> > On Jan 13, 2007, at 10:35 PM, Anil Patel wrote:
> >
> > > Scott,
> > > Thanks for your quick response. I'll be able to find my way from here.
> > >
> > > Regards
> > > Anil Patel
> > >
> > > On 1/13/07, Scott Gray <[hidden email]> wrote:
> > >>
> > >> Sorry about the double send, I thought I had cancelled the first
> > >> one in
> > >> time.  The first message should say WORKEFFORTMGR and not WORKEFFORT
> > >>
> > >> On 14/01/07, Scott Gray <[hidden email]> wrote:
> > >> >
> > >> > Hi Anil
> > >> >
> > >> > The required base-permissions are defined in each component's
> > >> > ofbiz-component.xml, workeffort seems to be missing it's base
> > >> permission
> > >> > "WORKEFFORTMGR" and is only allowing "OFBTOOLS".
> > >> >
> > >> > Regards
> > >> > Scott
> > >> >
> > >> > Anil Patel wrote:
> > >> > > Hi,
> > >> > > In the process of testing the new security implementation, I
> > >> thought
> > >> of
> > >> > > creating a new user login and assign permissions from ground
> > >> up. To
> > >> make
> > >> > > sure I am making mistakes in testing. But got stuck in process of
> >
> > >> > > creating
> > >> > > meaning full user login id.
> > >> > >
> > >> > > I created a new user login "testsecurity" pwd "veryhard". user
> > >> login
> > >> is
> > >> > > Enabled,
> > >> > >
> > >> > > Created a new Security Group "SECDEV" gave following permission
> > >> > >
> > >> > > [WORKEFFORTMGR_ADMIN] ALL operations in the Work Effort Manager.
> > >> > >     [WORKEFFORTMGR_UPDATE] Update operations in the Work Effort
> > >> Manager.
> > >> > >     [WORKEFFORTMGR_VIEW]
> > >> > >
> > >> > >
> > >> > > When I tried to login in ofbiz, I get following error.
> > >> > > Login for this application couldn't be completed (required
> > >> permissions
> > >> > > missing).
> > >> > >
> > >> > > I looked around to find some documentation on this but didn't
> > >> get much
> > >> > > success. Can somebody help me in with this!
> > >> > >
> > >> > > Regards
> > >> > > Anil Patel
> > >> > >
> > >> >
> > >> >
> > >>
> > >>
> >
> >
> >
> >
>
Free forum by Nabble Edit this page