Hi Developers!

Want to raise security discussion today!

Let's discuss how InterSystems security for applications works. In general, the concept is clear: we have Resources (what to protect), Roles which combine a set of privileges and accesses to Resources and Users which can have this or that Role.

But there is also a concept of Application which also could have a Role.

So you either provide a Role for a User or for an Application.

What do you use in production? What is your strategy and why? Pros, cons?

00
0 4 99