I already posted this in “feature request” but had no comments so I try here.
This is the scenario: a single servoy server hosts multiple solution. The solutions are password protected and each solution could be accessed only by some users and not the others. Maybe some users are in 2 or more security groups so they can access more solutions.
This is the problem: when I develop a new solution I create a security group and set access privileges but when I export the solution and import in the server I see users in other groups have full access to the new solution.
It seem each solution knows about user groups defined for it in the developer, but ignore (and then permit access) to the other groups.
These other groups may come from other solutions possibly developed on another PC…
So it seems impossible to have a full controll on who can access a solution.
I think this could be solved if by default all security groups have access denied on all solutions and databases and the developer have to assign the privileges it wants (by now it seems servoy works in the opposite way). This is because the developer could not know the groups in the server.
Please could you comment on this?
Maybe I misunderstood something?
Could please anyone at Servoy B.V. comment on this?
I’m really interested in this topic too, any official comments?
I don’t uderstand why nobody have something to say…
I avoid this whole situation by “rolling my own” security in my own tables. Is MUCH easier and you still have tons of control.
As to this feature request - we CANNOT POSSIBLY respond to each and every 22,000+ posts on this forum. We DO read them - and we appreciate the comments, suggestions and feature requests.
We are trying to get 2.2 out the door and it’s an “all hands on deck” endevour. Once we’re done with the release perhaps the product manager or lead engineer will address your post.
Sorry - that’s the best I can do at the moment.
As to this feature request - we CANNOT POSSIBLY respond to each and every 22,000+ posts on this forum. We DO read them - and we appreciate the comments, suggestions and feature requests.
Ok, but this is not only a feature request but even a help request because I ask if I’m wrong…
I don’t pretend a quick reply but the original post is 05 May…
Moreover, because I’m not able at the moment to use integrated security I already made as you say: I implemented my own security.
But I would be very happy if you could explain how integrated security works in the situations I exposed and if there is or not a solution for this…
Yes this is a know issue.
We can’t change it as easy because all the solution are working now on the idea that you have all the rights except when you are using groups..
We will fix this by making a group->solution login table so that you can say what group (and therefore a set of users) can login to that solution.
Then we will also make it possible to force users to login BEFORE you see the solution dialog so that that list is filtered to only the solutions he may enter.
this won’t happen anymore for 2.2. but a release after that
Thank you.
At least I know how you are moving.