All the security in MX-Frame is done in runtime. This means that entire security policy for the content displayed in MX-Client can be specified and configured on the fly. This can be done by a user with appropriate user privileges on any MX-Client and the changes will take effect next time a user logs in for entire system.
In MX-Frame it is possible to define security for individual operation. Doing this it is possible to prevent that no data flow is executed without proper authorization. By default all standard operations, such as select, insert, update and delete, can have security policies. As well as default statements it also possible to define security for any extended statements defined in a data source of an adapter.
Entire navigation can also be the subject of security. It is possible to define security for the entire domain or for individual menus. This ensures total flexibility in specifying security policy. Using this kind of security it is possible to prevent users from accessing restricted user interfaces.
Data Security
Beside the classic operation security MX-Frame also offers Data Security. It is possible to define which data is available for which user and which data cannot be even seen by a user or a group of users. This powerful and innovative feature can be used to customize an application even further in details.
Security can be defined for several different security entities. These entities group optional number of users by some sort of common property.
| Entity | Description |
|---|---|
| Users | Contains all user accounts created in the system. This entity enables the configuration of security for an individual user. |
| Workgroups | Contains all created workgroups. When security is set for a specific workgroup, it is set for all users in this workgroup. Workgroup membership is explained in details in chapter Workgroup User Membership. |
| Application Roles | Contains all available application roles. This includes the default roles and roles created with MxApplicationRole in MX-Developer. When security is set for a specific role, it is set for all users in this role. Role membership is explained in details in chapter Managing User Role Membership. |
| Workplaces | Contains all predefined workplaces. Security is executed for the workplace to which the currently selected user is logged on. |
| Workstations | Security is executed for the defined workstation. New workstation can be added to the list using Add button. Any number of workstations can be added. Workstation must be defined with the name of the workstation. |
Multiple and missing policies
On a single operation security can be defined for more than one entity. The question is how the security behaves in this situation. It is also a question what to do if no security policy is defined for an operation. The behaviour in such situations is defined with system properties Empty Action Policy and Security Level. To learn more on this subject see chapter System.
To define security for a user on a navigation menu
- Run MX-Client.
- Login using account with security privileges.
- Right click the desired navigation menu on the ribbon.
- Select Manage security for ‘XXX’ navigation item... option.
- In the security window select the navigation menu from the list Securable Items.
- Be sure to have Users option selected. Check the Allow option for the desired user.
Changes are stored immediately and will take effect next time the user logs in the application.