Dealing with security credentials Form

aklass · August 24, 2023, 9:59pm

I would like to ask if anybody has a big project with many (300+ Apps), and if so how you deal with the security assignments ?

There is this Groups_Apps App generated with the SC wizard which is simply a Form allowing assigning the priveledges to specific Apps (I use Groups). It works OK, but there is a problem maintaining the assignments. I have a project with over 250 tables and 400+ Apps.
Going through each App and each group and assigning it manually would take few hours. I have my custom method of doing it but it is not perfect and still takes to much time. I wonder if somebody has developed some simpler method.

Another problem is that I have Apps named accodring to soem schematics. For example all apps for Customer will look like: CU_AppName1, CU_AppName2 etc… For security SE_AppName1, SE_AppName2 and so on…

When I do search and want to filter the list by “CU_” string or “SE_” string I get some unexpected results. I cannot then simply select quickly all Apps from the filtered list and assign priveleges.
I know it is caused by “_” character, but unsure how to deal with that…

aamartinezz · August 25, 2023, 6:35pm

Hi

I implemented an intermediate step
I assign each application to a role or group of applications, and I give permissions by roles and automatically update the permissions table.

I’ve 1.000 apps…

regards.

aklass · August 31, 2023, 5:01am

OK, so I assume you modified the “applications” table to add extra group column ?
I was thinking about this but I noticed some wired behavior. Whenever I modify any of the default security tables later on I get into some problems. Scriptcase has some encrypted procedures which affect those tables and there is no way to figure out whet they do because the code is obfuscated by their internal (third-party) library.

aamartinezz · August 31, 2023, 1:46pm

I haven’t had issues with that.
I changed sec_apps for other table and I use other table for setup the permissions (sec_groups_roles). Whe I change permissions here, I change the original table sec_groups_apps.
When you login, sec_groups_apps is processed and the permission given to the users as usual.

When I need to add a new app I created a blank application that insert the application.
I don’t use security module of SC anymore.
I implemented MFA and SAML with external libraries.

it works fine.
regards.