janko.mivsek at eranova.si
Mon Oct 8 22:16:54 CEST 2007
I just came from the mountains, so the answer is a bit late :)
And by the way, what an impressive web site you are building, not to
mention how feature rich is already. Good work!
Dirk Verleysen wrote:
> Is there some documentation available on Security ?
No, not yet, mainly because I'd like to rewrite Admin>Security part before.
Just FYI: this part is actually one of the first Aida web apps back from
1996, so you can have a clue how things got started :)
> I added the following to my site:
> (AIDASite named: 'SKH') urlResolver defaultURL: '/security.html'
> forObject: WebSecurityManager new.
I would not recommend to make another security manager, because there is
already one, accessible directly as anAIDASite securityManager and this
one is actually used by Aida while yours is not.
> I now can add groups and users but cannot remove groups. Are there some
> rules for users and groups like Administrators, AllUsers, Guest ?
I see, group removing through web UI is currently broken, but you can
remove it manually through inspector for now. I'll patch this soon.
User Guest is special because every user is Guest until he logs in. And
become again Guest when logout.
Group Administrators is also special because users in that group have
kind of "root" privileges - they can do everything
Group AllUsers is another special one, because all users are members of
that group by default.
Group Registered Users holds users who went successfully through a
complete registration process to that group.
To set up access rights, you should:
- for public access, set access rights to group AllUsers
- for access to all guest users, set user Guest
- for access to all logged-in users, set group Registered Users
- to limit access even more you can set rights to each individual user
or add your own groups at set rights to them
Access rights can be set for every WebApplication subclass (that is your
App class) and for its every view and action (update).
I hope that helps a bit.
> Aida mailing list
> Aida na aidaweb.si
Smalltalk Web Application Server
More information about the Aida