WaveMaker Visual AJAX Studio 4.0 Training
Role Based Access Control

What is Role Based Access Control
• Referred to as RBAC (R-BACK)
• Only available in the commercial edition of WM
• The ability to control an application at run-time based on a user's role without writing and maintaining a bunch of “if…then” statements
• Example:
  • Jill is a manager: She has the right to view Salary information
  • Joe is an employee: He cannot view Salary information

What is Role Based Access Control
• RBAC allows you to
  • Control at the widget level the visibility of content on a page
• RBAC does not
  • Allow you to control who can execute which services
  • Allow you to control whether a piece of data is read-only or editable

Using Role Based Access Control
• Once security is enabled, RBAC is available
• Define Roles
  • Can be manually added or imported
• Each widget now has a security property
  • Put a check next to each role which is allowed to view a widget
• For container widgets which contain other widgets
  • If the container is not visible, then neither are any of its children
  • If a container is visible, 0:M of its children can be hidden

Defining Roles
• Roles are defined manually
• Whether you are using Database authentication, LDAP or the Demo system
  • The roles to be used by the application must be manually entered under Role Configuration

Determining a User’s Role
• User roles are determined at Login
• Database
  • Roles can be stored in the same table as usernames/passwords
  • Roles can be fetched using a database query. This is useful if they are stored in a separate table

Determining a User’s Role
• User roles are determined at Login
• LDAP
  • Must define the LDAP groups to be searched
  • Work with your Directory Admin

Applying RBAC to widgets
• Select Widget on Canvas
• In the Properties Tree, click Security
• Select which users can view this Widget
• By default, Everyone has access
• It is that easy!!!

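The visibility rules from the "Using Role Based Access Control" and "Applying RBAC to widgets" slides, modeled as an added example. This is not WaveMaker code: the widget objects, the roles and children fields, the function names and the sample page are all hypothetical, and treating a widget with no roles set as open to Everyone is an assumption based on the stated default.

```javascript
// Added illustration, not WaveMaker code: a model of the slides' visibility rules.
// Widget shape ({ name, roles, children }) and function names are hypothetical.

const EVERYONE = "Everyone"; // slide default: Everyone has access

// A widget is viewable when it allows Everyone or shares a role with the user.
// Assumption: a widget with no roles set falls back to the Everyone default.
function roleAllows(widget, userRoles) {
  const allowed = widget.roles && widget.roles.length ? widget.roles : [EVERYONE];
  return allowed.includes(EVERYONE) || allowed.some((r) => userRoles.includes(r));
}

// Returns the names of the visible widgets, depth-first.
// A hidden container hides all of its children, whatever their own roles say;
// a visible container can still have 0:M of its children hidden.
function visibleWidgets(widget, userRoles, out = []) {
  if (!roleAllows(widget, userRoles)) return out; // prune the whole subtree
  out.push(widget.name);
  for (const child of widget.children || []) visibleWidgets(child, userRoles, out);
  return out;
}

// Constructed sample page; the "hr" role and all widget names are made up.
const page = {
  name: "mainPanel",
  children: [
    { name: "employeeGrid" },
    {
      name: "salaryPanel", roles: ["manager"], children: [
        { name: "salaryGrid" },                 // Everyone, but gated by its parent
        { name: "bonusEditor", roles: ["hr"] }, // hidden inside a visible container
      ],
    },
    {
      name: "hrPanel", roles: ["hr"], children: [
        { name: "notesBox", roles: ["manager"] }, // manager alone never reaches it
      ],
    },
  ],
};

console.log("Jill (manager):", visibleWidgets(page, ["manager"]));
console.log("Joe (employee):", visibleWidgets(page, ["employee"]));
```

As the slides state, this covers visibility only: it does not decide who can execute the service that returns the salary data.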
Exercise 11
• Enable security
• Add security to Widgets