Simple sign-in authentication distinguishes between users who are signed-in and those who are not (anonymous users).
Simple sign-in authentication distinguishes between users who are signed in and those are not. Users who are not signed in are called anonymous users. Because of the flexibility in Iron Speed Designer’s role-based security model, you can grant access to individual pages to either signed in or anonymous users, or to both signed in and anonymous users. This is very useful when you want your application to present one view of your data to a signed in user and a different view, perhaps more limited, to users that haven’t signed in or don’t have an account (anonymous users).
|
|
Simple sign-in authentication distinguishes between users who are signed-in and those who are not (anonymous users). |
All that is needed to configure sign-in authentication is a single database table containing your application users’ basic user name and password information. Configuring simple sign-in authentication is straightforward:
Step 1: Configure the role-based security by selecting the proper fields from the selected database table.
|
|
Simple sign-in security requires just a single database table with basic user name and password information. |
Step 2: Specify page-specific access rights.
Step 3: Build and run your application.
Single role authentication distinguishes between various groups of users based on their assigned role. Individual application pages can be configured to permit access to users who have the required role. In the single role authentication model, individual application users have only one role assigned to them. However, the application pages can be configured to permit access to multiple roles, for example, sales and marketing.
|
|
Single role authentication distinguishes between different classes of users based on their assigned role. |
Each user has one role assigned to them. This role assignment is in the same database table as the user name and password information required for simple sign-in authentication. Configuring single role authentication is straightforward:
Step 1: Configure role-based security by selecting the proper fields from the selected database table (user name, password, user ID and role).
|
|
Single role security requires just a single database table with basic user name and password information. |
Step 2: Specify page-specific access rights.
Step 3: Build and run your application.
In more sophisticated role-based security systems, users can be assigned multiple roles, effectively giving them broader access than would be granted by a single role. A simple example is that every customer service representative may not be authorized to access customer credit card data. In this example, the customer service supervisor has one role as a "rep" with access to customer account information, and a second role as "manager" with authorization to issue refunds or credits. Ideally, those roles are accessible simultaneously without requiring the user to log in under a second role.
|
|
Multiple-role authentication distinguishes between different classes of users based on their assigned role. Individual application users can have multiple roles assigned to them, and individual web pages can be configured to permit access by multiple roles. |
Configuring multiple-role authentication is straightforward:
Step 1: Configure role-based security by selecting the proper fields from the selected database tables (user name, password, user ID, the role information and the User Role information.)
|
|
Multiple role security requires several database tables with basic user name and password information. |
Step 2: Specify page-specific access rights.
Step 3: Build and run your application.
Iron Speed Designer automatically adds end-user authentication (sign-in) access control as a standard feature to your applications, if you designate a User Table. You assign any number of roles and give access to any number of roles to each user. Your sign-in feature is based on your own user table in your database. Using a wizard in Iron Speed Designer you can quickly secure individual pages to specific roles. Specifically, Iron Speed Designer supports:
Separate tables for Users, User Roles, and Roles. You can have a one, two, or three table user roles configuration.
A variety of data types for these tables so you are not required to change your schema to use role-based security.
Page access restriction, menu hiding, and button hiding.
Using email to send password reminders for lost passwords.
You can quickly and easily secure your web pages so that only those assigned to appropriate access roles can access these pages. Securing web pages is a four-step process:
Create user account information in your database.
Create a set of user roles.
Identify the location of user information in your database.
Configure your web pages for role-based security.
Step 1: Select Application Security Type
Step 2: Enter Active Directory Connection String
Step 3: Select the User Table (Database Security)
Step 4: Select the Roles Table (Database Security)
Step 4: Select the Policy Store Role Provider (AzMan Security)
Step 5: Assign Page Permissions
Step 6: Configure Individual Components for Role-Based Security
Administering Database Security at Run-Time
Displaying Data for Logged In Users
Active Directory and Microsoft Authorization Manager Configuration
