Configuring Application Security

Most applications serve a variety of constituents – customers, customer service, marketing, sales, and management, to name a few.  It’s increasingly common in contemporary web applications to permit much broader access to applications and their underlying data than was common with client-server applications, which had more restricted user bases.  With broader use comes an increased need to partition data according to the user type – and sometimes down to the individual user as well.

One of the most convenient security mechanisms is role-based security because it allows individual users to be assigned to roles, with access then granted at the role level.  This makes for convenient administration because most applications need just a handful of roles – 5 or 10 at most – but may have thousands of users.

Broadly speaking, Iron Speed Designer generates three types of role-based security:

  1. Simple sign-in authentication.  Application users must sign into the application.  Only users with user names and passwords can sign in, giving you control over who can access your application.

  2. Single-role authentication.  Application users must have a designated role in order to access a particular web page.  Individual web pages are configured so that only those users with the designated role can access the page.

  3. Multiple-role authentication.  Individual web pages are configured to accept users who have one of several designated roles.

With role-based security, you can:

Simple sign-in authentication

Simple sign-in authentication distinguishes between users who are signed in and those who are not.  Users who are not signed in are called anonymous users.  Because of the flexibility in Iron Speed Designer’s role-based security model, you can grant access to individual pages to signed-in users, to anonymous users, or to both.  This is very useful when you want your application to present one view of your data to a signed-in user and a different view, perhaps more limited, to users who haven’t signed in or don’t have an account (anonymous users).

Simple sign-in authentication distinguishes between users who are signed-in and those who are not (anonymous users).

All that is needed to configure sign-in authentication is a single source containing your application users’ user name and password information.  For example, configuring simple sign-in authentication is straightforward with Database Security, one of several security mechanisms offered by Iron Speed Designer:

Step 1:  Configure the role-based security by selecting the proper fields from the selected database table.

Simple sign-in security requires just a single database table (Database Security option) with basic user name and password information.

Step 2:  Specify page-specific access rights.

Step 3:  Build and run your application.

Single role authentication

Single role authentication distinguishes between various groups of users based on their assigned role.  Individual application pages can be configured to permit access to users who have the required role.  In the single role authentication model, individual application users have only one role assigned to them.  However, the application pages can be configured to permit access to multiple roles, for example, sales and marketing.

Single role authentication distinguishes between different classes of users based on their assigned role.

Each user has one role assigned to them.  In the case of Database Security, for example, this role assignment is in the same database table as the user name and password information required for simple sign-in authentication.  Configuring single role authentication with Database Security is straightforward:

Step 1:  Configure role-based security by selecting the proper fields from the selected database table (user name, password, user ID and role).

Single role security requires just a single database table (Database Security option) with basic user name and password information.

Step 2:  Specify page-specific access rights.

Step 3:  Build and run your application.

Multiple role authentication

In more sophisticated role-based security systems, users can be assigned multiple roles, effectively giving them broader access than would be granted by a single role.  A simple example is that not every customer service representative may be authorized to access customer credit card data.  In this example, the customer service supervisor has one role as a "rep" with access to customer account information, and a second role as "manager" with authorization to issue refunds or credits.  Ideally, those roles are accessible simultaneously without requiring the user to log in under a second role.

Multiple-role authentication distinguishes between different classes of users based on their assigned role.  Individual application users can have multiple roles assigned to them, and individual web pages can be configured to permit access by multiple roles.

Configuring multiple-role authentication is straightforward (Database Security option):

Step 1:  Configure role-based security by selecting the proper fields from the selected database tables (user name, password, user ID, the role information and the User Role information).

Multiple role security requires several database tables (Database Security option) with basic user name and password information.

Step 2:  Specify page-specific access rights.

Step 3:  Build and run your application.
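
The three models described above (anonymous versus signed-in, a page that accepts one of several roles, and a user who holds several roles at once) reduce to one set-intersection check.  The following is an added example, not code generated by Iron Speed Designer; the table, column, page and pseudo-role names are assumptions, the sample rows are constructed, and user_name is assumed to be the identity already established at sign-in.

```python
import sqlite3

# Hypothetical schema for illustration; table and column names are assumptions,
# not the ones Iron Speed Designer generates or requires.
SCHEMA = """
CREATE TABLE users      (user_id INTEGER PRIMARY KEY, user_name TEXT UNIQUE NOT NULL);
CREATE TABLE roles      (role_id INTEGER PRIMARY KEY, role_name TEXT UNIQUE NOT NULL);
CREATE TABLE user_roles (user_id INTEGER REFERENCES users, role_id INTEGER REFERENCES roles,
                         PRIMARY KEY (user_id, role_id));
-- One row per (page, permitted role).  The pseudo-roles 'ANONYMOUS' and
-- 'SIGNED_IN' cover the simple sign-in model.
CREATE TABLE page_roles (page TEXT NOT NULL, role_name TEXT NOT NULL,
                         PRIMARY KEY (page, role_name));
"""

def build_sample_db():
    """Constructed sample data: alice is a rep, bob is a supervisor with two roles."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO users VALUES (?, ?)", [(1, "alice"), (2, "bob")])
    db.executemany("INSERT INTO roles VALUES (?, ?)", [(1, "rep"), (2, "manager")])
    db.executemany("INSERT INTO user_roles VALUES (?, ?)", [(1, 1), (2, 1), (2, 2)])
    db.executemany("INSERT INTO page_roles VALUES (?, ?)", [
        ("Catalog.aspx", "ANONYMOUS"), ("Catalog.aspx", "SIGNED_IN"),
        ("MyProfile.aspx", "SIGNED_IN"),
        ("Account.aspx", "rep"), ("Account.aspx", "manager"),
        ("Refund.aspx", "manager"),
    ])
    return db

def effective_roles(db, user_name):
    """Roles a request carries: ANONYMOUS, or SIGNED_IN plus every assigned role."""
    if user_name is None:
        return {"ANONYMOUS"}
    rows = db.execute(
        "SELECT r.role_name FROM users u "
        "LEFT JOIN user_roles ur ON ur.user_id = u.user_id "
        "LEFT JOIN roles r ON r.role_id = ur.role_id WHERE u.user_name = ?",
        (user_name,)).fetchall()
    if not rows:  # unknown user name: treat the request as not signed in
        return {"ANONYMOUS"}
    return {"SIGNED_IN"} | {name for (name,) in rows if name is not None}

def can_access(db, page, user_name=None):
    """Deny by default: a page with no page_roles rows is closed to everyone."""
    allowed = {r for (r,) in db.execute(
        "SELECT role_name FROM page_roles WHERE page = ?", (page,))}
    return bool(allowed & effective_roles(db, user_name))
```

Because the check intersects the page's permitted roles with all of the user's roles, the supervisor reaches both the account page and the refund page in one session, and a page that was never given permissions is denied rather than left open.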

Putting it all together

Iron Speed Designer’s Security Wizard automatically adds end-user authentication (sign-in) access control as a standard feature to your applications.  You can define any number of roles and grant each user any number of those roles.

For the Database Security option, your sign-in feature is based on your own user table in your database and you can quickly secure individual pages to specific roles via the Security Wizard.  Specifically, Iron Speed Designer supports:

See Also

Step 1:  Select Application Security Type

Step 2:  Enter Active Directory Connection String

Step 3:  Select the User Table (Database Security)

Step 4:  Select the Roles Table (Database Security)

Step 4:  Select the Policy Store Role Provider (AzMan Security)

Step 5:  Assign Page Permissions

Step 6:  Configure Individual Controls for Role-Based Security

Administering Database Security at Run-Time

Displaying Data for Logged In Users

Configuring Automatic Sign-Out

Configuring Your System for Application Security