Client Security

The Client Security tool in AEM is used to configure the User Authentication and Appeon Workspace securities. This tool is only effective when the Security Toggle is on in System Security.

Figure 137. Client Security

Client Security

User Authentication

User Authentication is a tool to configure the security of the Appeon deployed applications. All the deployed applications are listed in the tool and are configured individually.

Figure 138. Application Security

Application Security

Viewing the current settings

1) View the current application security settings for all applications available in the User Authentication page.

  • Application Name -- Lists the names of all the deployed applications. The names are automatically registered with AEM when an application is deployed by Appeon Developer to the Appeon Server.

  • Configured Groups -- The number of groups with access rights to the Appeon Web or Appeon mobile application.

    To view the names of the groups, click the link at the application name. To view details of the groups, go to the Group Management page.

  • User Authentication -- Shows the security mode for the user authentication. This is only effective when the Security Toggle is on in System Security.

    "Security on" explicates that the user will be prompted to enter the username and password when accessing the selected application, while "Security off" requires no username and password for the application access. You can click the link of an application name listed in the User Authentication table and switch the security mode in the page that displays subsequently.

2) View the details of the current application security settings for a single application, by clicking an application. The detailed security settings for the selected application are displayed.

Figure 139. Detailed security settings for an application

Detailed security settings for an application

As the following table shows, different application security settings determine different security behaviors in an Appeon application.

Table 28. Application security settings and security behaviors in an Appeon application

User Authentication

A Given Group

Security behaviors in an Appeon application

Off

Assigned

All users can access to an Appeon application without being prompted for a user name or password.

Unassigned

On

Assigned

Users of an assigned group have access rights to a Appeon application and they are prompted for user names and passwords when loading an Appeon application.

For offline applications, you are only prompted for user names and passwords when connecting to the database.

Unassigned

Users of an unassigned group do not have access rights to the Appeon application.


Modifying the security settings of an application

The user can enter the security-setting page of the application by clicking an application name link on the User Authentication page.

With the LDAP security type selected, the security-setting page automatically loads the latest user and group information from the specified LDAP server. If changes are made to users and groups at the LDAP server, you can use the Refresh button (on the Internet Explorer toolbar) to include the latest update to the page.

With the Appeon security type selected, the security-setting page loads user and group information from AEM Group Management and User Management.

In this page, you are able to:

  1. Skip the system login window when loading the application

    Set the user authentication to Security Off in the Application Security group box. By default, the "Security Off" option is selected. This assumes that all users can access an application without user authentication.

  2. Display the system login window before loading the application

    Set the user authentication to Security On by selecting the Security On radio button.

  3. Display a custom login window before loading the application

    Set the user authentication to Security Off in the Application Security group box; keep the System Security setting as On and set the Security Type setting to LDAP Security in the System Settings tool; write codes in the PowerBuilder program to call "appeonldaplogon" function to display a custom login window for LDAP security login. For details, refer to the section called “AppeonLDAPLogon function” in Workarounds & API Guide.

  4. Assign a group to the application

    Select a group from the Unassigned Groups list. Click the forward button (>>>) to shift the group to the Assigned Groups list.

    By default, all the groups are listed in the Unassigned Groups list. The groups are read from the Appeon Server (if the security type is Appeon security) or the LDAP server (if the security type is LDAP security) in use.

  5. Unassign a group from the application

    Select a group from the Assigned Groups list. Click the back button ("<<<") to shift the group to the Unassigned Groups list.

    Click the Save button to apply changes.

Appeon Workspace

Appeon Workspace security settings for each application are configured individually. The Appeon Workspace Security Settings are ignored if the Appeon Workspace table in AEM is set to Off.

Figure 140. Appeon Workspace application security

Appeon Workspace application security

Setting Appeon Workspace

Step 1: Click on an application name, and the Appeon Workspace page appears.

Figure 141. Configuring Appeon Workspace

Configuring Appeon Workspace

Step 2: Select the Security Off radio button to set the security off, or select the Security On radio button to set the security on.

If the security is set to On, only assigned users have rights to access the application.

Assigning access permissions

To assign access right of an application to a specific user group, click on the application. In the Appeon Workspace Permissions table, move the group you intend to assign access right to in the Unassigned Group list box to the Assigned Group list box.

If you want to deprive access right from a specific group, just move it from the Assigned Group list box to the Unassigned Group list box.

Note: For offline applications that start up offline (the startup mode is Offline), if the Apppeon Workspace Security Settings is set to Security On, and if the application runs on an unassigned device, all operations that need to access the Appeon Server are forbidden.