The purpose of this section is to allow maintenance of users, roles, and permissions to access KBs in GXserver.
GXserver security implies two basic concepts: Authentication and Authorization.
It constitutes the instance of connection between the user and GXserver, with the possibility of two types of authentication: Local or GXtechnical.
- Local. In its database, GXserver has information on the users that have been created in this manner (local).
- GXtechnical. Logging against an account existent in gxtechnical.com is possible as well as creating a new one.
Note: Authentications are configured in the Advanced tab.
It consists of the permissions associated with each user, oriented at privileged permissions at the level of each KB hosted (for instance, view-only permission, or permission only for updating, or for editing, documents, etc.), and at the level of GXserver itself (for instance, managing security, user controls, patterns, etc.).
Note: It is important to clarify that Authentication and Authorization are two concepts not related to one another.
Following is an in-depth explanation of the tasks available in this tab. However, if you need quick access to creating a user in its basic form, see Creating New Users.
As shown, there is a button available to navigate throughout the user list. To the right of the group is a filter to limit the user’s search pattern.
The icon is for opening a window to create or maintain users.
The only mandatory fields are User Name and Password. New users are assigned the role defined in GXserver by default, which, as shown further ahead, is configured as default by the user with maximum privileges in the installation. (To change the user’s role see Editing Users below. To change the default role of the installation see Advanced tab).
With the mouse, select a user from the user list to open a window where you can edit your data. Press the Edit button, make any changes necessary and then Save to save the data or Cancel if you decide to ignore the data.
Note: In local authentication mode, the user with maximum privileges (admin) may modify any of the fields shown on the image.
Note: admin users permissions cannot be modified.
To eliminate a user select it from the list, press the icon and then confirm the task.
Note: Only a user with "Server ManageSecurity" permissions can delete and create users, and the admin user cannot be deleted.
Roles are defined as the activities for which users are enabled, regardless of the type of authentication (GXtechnical, local, or combined). To find out about the privileges of each default role installed by GXserver see GeneXus Server Roles and Permissions.
To create a new role, press the icon and load a descriptive name for it of up to 40 characters and then press Create.
Note: There are no restrictions for creating more than one role with the same name.
The privileges of roles are configured by the permissions which are in turn modified in that site. Also, permissions are at the KB and GXserver levels only (not on users). For instance: the following image shows, for the KBAdmin role, the permissions configured for working with the KBs and those referring to GXserver.
Find out about the role permissions on KBs and GXserver at GeneXus Server Roles and Permissions.
To edit press the Edit button, make any changes necessary and lastly if you wish to confirm the changes press the Save Changes button.
Different aspects are configured in this sector, like:
Default Role. This combo box allows determining the default role for every new user.
Authentication Types. Allows the definition of the authentication installation type (GXtechnical or Local) that GXserver will assume.
RSS enabled: enables or disables the GeneXus Server RSS Services, by default it is disabled.
Note: both types may be selected at the same time.