#Access control

Hi,

I will try to explain my problem. I have a Main ZenPage on one server that has 2 buttons: each button will launch a different ZenPage on a separate server in an iFrame. All 3 servers have the same user.

Currently, the user logs in to the Main ZenPage, but when they click either button to launch the other ZenPage on the separate server they get the login screen again to login to that server.

Is there anyway I can pass the credentials from the Main ZenPage to the child ZenPages, so that the user doesn't have to login again? Thanks.

The ideal number of table permissions to assign for your users is zero. Permissions should be granted upon sign-in based on the application used for access. For web applications, we have a simple way of doing this by appointing application roles, matching roles, and required resources in the System Management Portal.

ODBC and JDBC connections present a different problem, however, especially when third-party applications are involved. As providers of an ERP system, our customers often wish to be able to employ various software packages to integrate with or report on their data. Many of these programs are capable of running any kind of query. Yet, letting them do that can be devastating to a customer’s data.

Here in %SYS, we have already examined users, resources, and roles. Now that we know how to set all of that up, we should give it a purpose. Next we will talk about applications! As you may expect, we will see various identical class methods defined here that we have seen in the previous classes. However, some of them will have some tiny yet significant differences.

I am trying to lock down security within our Development environment per requirements from a Security Audit that was done earlier this year. I need to try to limit access at a public level, access to cache users, and exposure.

I installed IRIS with the Lockdown method, and have configured my web applications, services, resources, etc.

When I go into my namespace, I am constantly presented with the following error when I try to start or stop an Object...

Have you ever thought of creating your own systems for editing users or, perhaps, even an API that you can call?

Hey Community,

Tired of entering login-password during the docker build with your InterSystems IRIS every time?

There is a handy way to turn it on and off – use the passwordless zpm module.

Watch this video to explore how to use the passwordless ipm module to turn on and off entering login-password during docker build with your InterSystems IRIS:

⏯️ Passwordless mode for development with InterSystems IRIS

https://www.youtube.com/embed/ygIJsTMO0Gw?controls=0
[This is an embedded link, but you cannot view embedded content directly on the site because you have declined the cookies necessary to access it. To view embedded content, you would need to accept all cookies in your Cookies Settings]

Why I decided to write this

Recently I had the challenge to create a secure authentication method to authorize access to some data, but unfortunately I had zero experience with those security configurations and I felt that I was missing some basic concepts to have a better understanding of the official documentation.

After studying and managing to deliver the classes that I was asked to develop, I'd like to share a little bit of my new knowledge, which helped me follow the topics in the documentation.

When creating a PRA (Privileged Routine Application; which by the way is not relevant just for Routines but also for Classes/Methods), it is important to make sure you include a new $ROLES, before calling

In this article, I’d like to present details of which technologies we had been using to develop our application for the IRIS for Health Contest:

Is there a way to add specific table permissions to a security role programmatically? I'm working on scripting some of the initial setup work when we sell certain add-ons to our software, and I see how I can assign resources to a role and give it a description, but I don't see how I tell it that this role gives the user, for example, SELECT privileges only on the invoices table, or SELECT, INSERT, UPDATE, and DELETE.

I am trying to secure a rest service but I lack the understanding of how to achieve this if anyone will explain in details how I could achieve the following:

Securing The REST Service with Basic Auth (username and password)

if any one has a sample code on this will appreciate

Many password requirements can be enforced using a password validation routine which is available to implement in System Management Portal. But how about this one:

Check that at least 50% of the characters changed from old password to new password.

We need to have access to the old password to check this, currently password validation routine only gets the new password.

Hi anyone has created the user roles for UCR pls share details like if we want to create following roles what access rights should be give to each role.

UCR Admin - This user can stop/start productions, can enable/disable services, can run sql queries, can make changes in facility registries, assigning authority and other configuration.

UCR Developer - This user can add new services in the production but can not make any change in the registires and other configuraiton

I'm VERY novice on all things "OpenAM", and beyond knowing that Caché supports working with OpenAM, I have nothing else to go on.

The documentation doesn't seem to be very deep on the nature of how this works beyond a single paragraph saying it's supported for Single Sign On (SSO).