You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@ofbiz.apache.org by Anil Patel <to...@gmail.com> on 2007/01/14 05:54:04 UTC
User Login in set up, Minimum permission requirement
Hi,
In the process of testing the new security implementation, I thought of
creating a new user login and assign permissions from ground up. To make
sure I am making mistakes in testing. But got stuck in process of creating
meaning full user login id.
I created a new user login "testsecurity" pwd "veryhard". user login is
Enabled,
Created a new Security Group "SECDEV" gave following permission
[WORKEFFORTMGR_ADMIN] ALL operations in the Work Effort Manager.
[WORKEFFORTMGR_UPDATE] Update operations in the Work Effort Manager.
[WORKEFFORTMGR_VIEW]
When I tried to login in ofbiz, I get following error.
Login for this application couldn't be completed (required permissions
missing).
I looked around to find some documentation on this but didn't get much
success. Can somebody help me in with this!
Regards
Anil Patel
Re: User Login in set up, Minimum permission requirement
Posted by Anil Patel <to...@gmail.com>.
I am sorry, Please ignore what I said in last mail, I found somewhere in
process I added more security groups to the user.
Sorry again.
Regards
Anil
On 1/13/07, Anil Patel <to...@gmail.com> wrote:
>
> Now I am confused,
>
> I added WORKEFFORTMGR to workeffort component.
>
> <webapp name="workeffort"
> title="WorkEffort"
> server="default-server"
> location="webapp/workeffort"
> base-permission="OFBTOOLS,WORKEFFORTMGR"
> mount-point="/workeffort"/>
>
>
> The SECURITY Group user login belongs to has permission
>
>
>
>
> [WORKEFFORTMGR_VIEW] View operations in the Work Effort Manager.
> But now I am able to view all the ofbiz apps. Is it how its supposed to
> work, or is it problem with how its security checks are implement and should
> be changed?
>
> Regards
> Anil patel
>
>
>
> On 1/13/07, David E. Jones <jo...@hotwaxmedia.com> wrote:
> >
> >
> > Yeah, like Scott said it's probably the OFBTOOLS permission you're
> > missing.
> >
> > The idea behind that permission is to have one that's required for
> > all of the stock OFBiz applications so that it is easy to setup users
> > that don't have this permission to only access your custom apps and
> > such.
> >
> > -David
> >
> >
> > On Jan 13, 2007, at 10:35 PM, Anil Patel wrote:
> >
> > > Scott,
> > > Thanks for your quick response. I'll be able to find my way from here.
> > >
> > > Regards
> > > Anil Patel
> > >
> > > On 1/13/07, Scott Gray <le...@gmail.com> wrote:
> > >>
> > >> Sorry about the double send, I thought I had cancelled the first
> > >> one in
> > >> time. The first message should say WORKEFFORTMGR and not WORKEFFORT
> > >>
> > >> On 14/01/07, Scott Gray <le...@gmail.com> wrote:
> > >> >
> > >> > Hi Anil
> > >> >
> > >> > The required base-permissions are defined in each component's
> > >> > ofbiz-component.xml, workeffort seems to be missing it's base
> > >> permission
> > >> > "WORKEFFORTMGR" and is only allowing "OFBTOOLS".
> > >> >
> > >> > Regards
> > >> > Scott
> > >> >
> > >> > Anil Patel wrote:
> > >> > > Hi,
> > >> > > In the process of testing the new security implementation, I
> > >> thought
> > >> of
> > >> > > creating a new user login and assign permissions from ground
> > >> up. To
> > >> make
> > >> > > sure I am making mistakes in testing. But got stuck in process of
> >
> > >> > > creating
> > >> > > meaning full user login id.
> > >> > >
> > >> > > I created a new user login "testsecurity" pwd "veryhard". user
> > >> login
> > >> is
> > >> > > Enabled,
> > >> > >
> > >> > > Created a new Security Group "SECDEV" gave following permission
> > >> > >
> > >> > > [WORKEFFORTMGR_ADMIN] ALL operations in the Work Effort Manager.
> > >> > > [WORKEFFORTMGR_UPDATE] Update operations in the Work Effort
> > >> Manager.
> > >> > > [WORKEFFORTMGR_VIEW]
> > >> > >
> > >> > >
> > >> > > When I tried to login in ofbiz, I get following error.
> > >> > > Login for this application couldn't be completed (required
> > >> permissions
> > >> > > missing).
> > >> > >
> > >> > > I looked around to find some documentation on this but didn't
> > >> get much
> > >> > > success. Can somebody help me in with this!
> > >> > >
> > >> > > Regards
> > >> > > Anil Patel
> > >> > >
> > >> >
> > >> >
> > >>
> > >>
> >
> >
> >
> >
>
Re: User Login in set up, Minimum permission requirement
Posted by Anil Patel <to...@gmail.com>.
Now I am confused,
I added WORKEFFORTMGR to workeffort component.
<webapp name="workeffort"
title="WorkEffort"
server="default-server"
location="webapp/workeffort"
base-permission="OFBTOOLS,WORKEFFORTMGR"
mount-point="/workeffort"/>
The SECURITY Group user login belongs to has permission
[WORKEFFORTMGR_VIEW] View operations in the Work Effort Manager.
But now I am able to view all the ofbiz apps. Is it how its supposed to
work, or is it problem with how its security checks are implement and should
be changed?
Regards
Anil patel
On 1/13/07, David E. Jones <jo...@hotwaxmedia.com> wrote:
>
>
> Yeah, like Scott said it's probably the OFBTOOLS permission you're
> missing.
>
> The idea behind that permission is to have one that's required for
> all of the stock OFBiz applications so that it is easy to setup users
> that don't have this permission to only access your custom apps and
> such.
>
> -David
>
>
> On Jan 13, 2007, at 10:35 PM, Anil Patel wrote:
>
> > Scott,
> > Thanks for your quick response. I'll be able to find my way from here.
> >
> > Regards
> > Anil Patel
> >
> > On 1/13/07, Scott Gray <le...@gmail.com> wrote:
> >>
> >> Sorry about the double send, I thought I had cancelled the first
> >> one in
> >> time. The first message should say WORKEFFORTMGR and not WORKEFFORT
> >>
> >> On 14/01/07, Scott Gray <le...@gmail.com> wrote:
> >> >
> >> > Hi Anil
> >> >
> >> > The required base-permissions are defined in each component's
> >> > ofbiz-component.xml, workeffort seems to be missing it's base
> >> permission
> >> > "WORKEFFORTMGR" and is only allowing "OFBTOOLS".
> >> >
> >> > Regards
> >> > Scott
> >> >
> >> > Anil Patel wrote:
> >> > > Hi,
> >> > > In the process of testing the new security implementation, I
> >> thought
> >> of
> >> > > creating a new user login and assign permissions from ground
> >> up. To
> >> make
> >> > > sure I am making mistakes in testing. But got stuck in process of
> >> > > creating
> >> > > meaning full user login id.
> >> > >
> >> > > I created a new user login "testsecurity" pwd "veryhard". user
> >> login
> >> is
> >> > > Enabled,
> >> > >
> >> > > Created a new Security Group "SECDEV" gave following permission
> >> > >
> >> > > [WORKEFFORTMGR_ADMIN] ALL operations in the Work Effort Manager.
> >> > > [WORKEFFORTMGR_UPDATE] Update operations in the Work Effort
> >> Manager.
> >> > > [WORKEFFORTMGR_VIEW]
> >> > >
> >> > >
> >> > > When I tried to login in ofbiz, I get following error.
> >> > > Login for this application couldn't be completed (required
> >> permissions
> >> > > missing).
> >> > >
> >> > > I looked around to find some documentation on this but didn't
> >> get much
> >> > > success. Can somebody help me in with this!
> >> > >
> >> > > Regards
> >> > > Anil Patel
> >> > >
> >> >
> >> >
> >>
> >>
>
>
>
>
Re: User Login in set up, Minimum permission requirement
Posted by "David E. Jones" <jo...@hotwaxmedia.com>.
Yeah, like Scott said it's probably the OFBTOOLS permission you're
missing.
The idea behind that permission is to have one that's required for
all of the stock OFBiz applications so that it is easy to setup users
that don't have this permission to only access your custom apps and
such.
-David
On Jan 13, 2007, at 10:35 PM, Anil Patel wrote:
> Scott,
> Thanks for your quick response. I'll be able to find my way from here.
>
> Regards
> Anil Patel
>
> On 1/13/07, Scott Gray <le...@gmail.com> wrote:
>>
>> Sorry about the double send, I thought I had cancelled the first
>> one in
>> time. The first message should say WORKEFFORTMGR and not WORKEFFORT
>>
>> On 14/01/07, Scott Gray <le...@gmail.com> wrote:
>> >
>> > Hi Anil
>> >
>> > The required base-permissions are defined in each component's
>> > ofbiz-component.xml, workeffort seems to be missing it's base
>> permission
>> > "WORKEFFORTMGR" and is only allowing "OFBTOOLS".
>> >
>> > Regards
>> > Scott
>> >
>> > Anil Patel wrote:
>> > > Hi,
>> > > In the process of testing the new security implementation, I
>> thought
>> of
>> > > creating a new user login and assign permissions from ground
>> up. To
>> make
>> > > sure I am making mistakes in testing. But got stuck in process of
>> > > creating
>> > > meaning full user login id.
>> > >
>> > > I created a new user login "testsecurity" pwd "veryhard". user
>> login
>> is
>> > > Enabled,
>> > >
>> > > Created a new Security Group "SECDEV" gave following permission
>> > >
>> > > [WORKEFFORTMGR_ADMIN] ALL operations in the Work Effort Manager.
>> > > [WORKEFFORTMGR_UPDATE] Update operations in the Work Effort
>> Manager.
>> > > [WORKEFFORTMGR_VIEW]
>> > >
>> > >
>> > > When I tried to login in ofbiz, I get following error.
>> > > Login for this application couldn't be completed (required
>> permissions
>> > > missing).
>> > >
>> > > I looked around to find some documentation on this but didn't
>> get much
>> > > success. Can somebody help me in with this!
>> > >
>> > > Regards
>> > > Anil Patel
>> > >
>> >
>> >
>>
>>
Re: User Login in set up, Minimum permission requirement
Posted by Anil Patel <to...@gmail.com>.
Scott,
Thanks for your quick response. I'll be able to find my way from here.
Regards
Anil Patel
On 1/13/07, Scott Gray <le...@gmail.com> wrote:
>
> Sorry about the double send, I thought I had cancelled the first one in
> time. The first message should say WORKEFFORTMGR and not WORKEFFORT
>
> On 14/01/07, Scott Gray <le...@gmail.com> wrote:
> >
> > Hi Anil
> >
> > The required base-permissions are defined in each component's
> > ofbiz-component.xml, workeffort seems to be missing it's base permission
> > "WORKEFFORTMGR" and is only allowing "OFBTOOLS".
> >
> > Regards
> > Scott
> >
> > Anil Patel wrote:
> > > Hi,
> > > In the process of testing the new security implementation, I thought
> of
> > > creating a new user login and assign permissions from ground up. To
> make
> > > sure I am making mistakes in testing. But got stuck in process of
> > > creating
> > > meaning full user login id.
> > >
> > > I created a new user login "testsecurity" pwd "veryhard". user login
> is
> > > Enabled,
> > >
> > > Created a new Security Group "SECDEV" gave following permission
> > >
> > > [WORKEFFORTMGR_ADMIN] ALL operations in the Work Effort Manager.
> > > [WORKEFFORTMGR_UPDATE] Update operations in the Work Effort
> Manager.
> > > [WORKEFFORTMGR_VIEW]
> > >
> > >
> > > When I tried to login in ofbiz, I get following error.
> > > Login for this application couldn't be completed (required permissions
> > > missing).
> > >
> > > I looked around to find some documentation on this but didn't get much
> > > success. Can somebody help me in with this!
> > >
> > > Regards
> > > Anil Patel
> > >
> >
> >
>
>
Re: User Login in set up, Minimum permission requirement
Posted by Scott Gray <le...@gmail.com>.
Sorry about the double send, I thought I had cancelled the first one in
time. The first message should say WORKEFFORTMGR and not WORKEFFORT
On 14/01/07, Scott Gray <le...@gmail.com> wrote:
>
> Hi Anil
>
> The required base-permissions are defined in each component's
> ofbiz-component.xml, workeffort seems to be missing it's base permission
> "WORKEFFORTMGR" and is only allowing "OFBTOOLS".
>
> Regards
> Scott
>
> Anil Patel wrote:
> > Hi,
> > In the process of testing the new security implementation, I thought of
> > creating a new user login and assign permissions from ground up. To make
> > sure I am making mistakes in testing. But got stuck in process of
> > creating
> > meaning full user login id.
> >
> > I created a new user login "testsecurity" pwd "veryhard". user login is
> > Enabled,
> >
> > Created a new Security Group "SECDEV" gave following permission
> >
> > [WORKEFFORTMGR_ADMIN] ALL operations in the Work Effort Manager.
> > [WORKEFFORTMGR_UPDATE] Update operations in the Work Effort Manager.
> > [WORKEFFORTMGR_VIEW]
> >
> >
> > When I tried to login in ofbiz, I get following error.
> > Login for this application couldn't be completed (required permissions
> > missing).
> >
> > I looked around to find some documentation on this but didn't get much
> > success. Can somebody help me in with this!
> >
> > Regards
> > Anil Patel
> >
>
>
Re: User Login in set up, Minimum permission requirement
Posted by Scott Gray <le...@gmail.com>.
Hi Anil
The required base-permissions are defined in each component's
ofbiz-component.xml, workeffort seems to be missing it's base permission
"WORKEFFORTMGR" and is only allowing "OFBTOOLS".
Regards
Scott
Anil Patel wrote:
> Hi,
> In the process of testing the new security implementation, I thought of
> creating a new user login and assign permissions from ground up. To make
> sure I am making mistakes in testing. But got stuck in process of
> creating
> meaning full user login id.
>
> I created a new user login "testsecurity" pwd "veryhard". user login is
> Enabled,
>
> Created a new Security Group "SECDEV" gave following permission
>
> [WORKEFFORTMGR_ADMIN] ALL operations in the Work Effort Manager.
> [WORKEFFORTMGR_UPDATE] Update operations in the Work Effort Manager.
> [WORKEFFORTMGR_VIEW]
>
>
> When I tried to login in ofbiz, I get following error.
> Login for this application couldn't be completed (required permissions
> missing).
>
> I looked around to find some documentation on this but didn't get much
> success. Can somebody help me in with this!
>
> Regards
> Anil Patel
>