Can we restrict a user to view and use only one page and hide all other pages in the apex application in oracle apex 5?
The scenario is similar as we assign a particular responsibility to a particular user in Oracle EBS and he has the access to use that particular responsibility and rest are hidden to view.
How to achieve this??
Yes ,You can do it by using authorization schemes.
By using authorization scheme ,you can restrict the user for viewing other pages.
Regards,
Nikita
Easiest way is to create an Access Control page. It will automatically create three authorization schemes for you. Admin, Edit, and View. You can assign users to those. Set application mode to Public read only. Edit and administrative privileges controlled by access control list. This will open the application for all the users, except for the pages that you control using authorization schemes.
Related
Suppose that I have a web application. Consider it like a Black-Box for now. I want to use a backend system to limit what a user can view/do on the app.
i.e. Sample users can only do three functions, Premium users can do 10 functions and see more pictures.
What is the best way to do it?
I'm trying to using WSO2 Identity Server, but it doesn't offer this functionality. So I've thought that maybe I can integrate it with the WSO2 API Manager and make an API that limits users' access to a certain resource. But really I cannot find if it's possible do it. Anyone know it?
Please refer to : https://docs.wso2.com/display/IS530/Access+Control+Concepts
1) WSO2IS can act as a coarse grained access manager. Your application will act as a fine grained access mnager.
It means that roles can be defined in WSO2IS, managed and assigned to user. From there Roles assigned to one user can be provided as clains with the identity token generated by WSO2IS and sent to the application.
The application, on the other side, will manage roles to permissions links.
Access control is then done at each request by the application, based on the roles presented in the Identity Token by the user and the Permissions grid based on roles in the application.
2) The access control at the application is a business logic you must implement (or at least configure if it a COTS). It is possible to outsource this logic to WSO2IS as policies on attribute (with Workflows).
Please look at : https://docs.wso2.com/display/IS530/XACML+Architecture
Jeff
I am using Piranha CMS , and i want to create multiple users in different group, i tried to do so but its not allowing me to login those users,even i have to implement that logged in user should only edit few pages which is permitted to that user. How can i restrict user to do so
The group permission system in Piranha CMS is hierarchical, this means that all users that should be able to log in to the manager should derive from the group admin.
When you have that set up you can take a look at the different permissions in the manager interface and assign these to different groups.
There are however no support to allow users to only edit certain pages, if you want that kind of behavior you'll have to implement it yourself in the available manager hooks.
Regards
I'm new to Piranha CMS and just trying to get my head around it. I'm using the MVC implementation and I need to do the following:
I need to extend the User with a property that stores an account number.
I need a page that is only accessible once the user logs in
On this page, I need to call a REST API on another server, using the account number a parameter, to retrieve a list of documents that the user has stored on this server.
When the user clicks the document, it will be downloaded as a PDF using the REST API once again
I just need general guidance on how to do this. How do I store the account number against the user (and manage this) and do I need to create a new Region that will show the list of documents from the remote server. Is there an example of creating a new Region anywhere and maybe returning a list from SQL that I can adapt?
Any help gratefully received.
Thanks in advance
Mike
The easiest way is to implement an extension with your custom fields that you attach to the user where you store this information.
When editing a page, go in under "settings" and select which groups should have access to your page. For this purpose I suggest creating a new group for site users that are not admins.
This should be easily implemented in either the controller or model for your page. When the user is logged in "User.Identity.Name" is the user id. Get the user, load the extensions & use the account number.
See number three.
Regards
I am developing an application in ASP.NET and I have a page that depening on user's role displays different parts. If the user is an Admin s/he sees for instance a page part where to input a new user and role that a normal user cannot see. Let's think about this page as a portal.
I already wrapped all the different sections in with Id and I can control their visibility. However this is not the optimal solution concerning security since the user or a malicious robot can still fill and access the parts that are not visible in the browser.
With MVC it is easy since I just create several partial views and render them upon users' credentials but how do you do it in standard Web Forms? Thanks
You can use the ASP.NET LoginView control. The control has an AnnonymousTemplate which you can use to specify which content should be shown to Annonymous users, and a LoggedInTemplate which you would use to specify the content shown to logged in users. But is also has RoleGroups which can be used to specify content that can be shown to users in different roles.
The article in this link will walk you through the use of this control.
http://weblogs.asp.net/sukumarraju/archive/2010/07/28/role-based-authorization-using-loginview-control.aspx
I am developing a component, and i am having my own login form and tables.
After authentication of user through my component, userinfo is being stored in Session.
Everything is fine. but user is able to access the views that are supposed to be viewed by logged in users.
I wanted to restrict the access through link. How to do it? Is it possible to so.
Note: I am not using joomla user login. I am using my own component.
Kindly help me to protect the views, and must be displayed after user logged in.
How can i accomplish this task?
Thanks in Advance
Check for advanced settings and set view access to Registered. 9jera.com