[aida] changing security manager
Janko Mivšek
janko.mivsek at eranova.si
Fri May 30 10:24:06 CEST 2008
Hi Chris,
Chris Dawson wrote:
> Hi there,
>
> I'm reading the mailing list archives and see this thread:
>
> http://lists.aidaweb.si/pipermail/aida/2007-October/000159.html
>
> I've been browsing the source but am unclear how to change the security
> manager. I want to make my site accessible to everyone publicly. Can
> someone provide me with example code to change the security manager to
> allUsers? Or, provide me with a way to set an application to allUsers?
First let me explain default Aida security a bit:
You gave a user/group management as a base for authentication and later
for access control. There is a special user named Guest for anonymous
sessions, until user on such session doesn't login.
Users can belong to one or more groups and all users (including Guest)
belongs to group AllUsers by default.
Access control is by default enforced for every view and action of every
subclass of WebAppliation. You can set Yes/No access rights for every
group or user to every view of your Apps.
You setup that rights through (a bit ancient) Admin>Security settings.
Here you first choose group or user, then click Access rights below and
you'll get a list of all subclasses of WebApplication. Now you set per
view/action (update) access to each of them.
Note that for users in Administators group there are no access
restrictions at all. They have all access rights, like root on Unix.
So, to allow the public access to all users, you choose the AllUsers
group and set access rights as Yes to all your Apps.
Hope this help.
Best regards
Janko
--
Janko Mivšek
AIDA/Web
Smalltalk Web Application Server
http://www.aidaweb.si
More information about the Aida
mailing list