Apply secured access control to a resource

There are two kinds of resources you may wish to protect. In both cases, the goal is to restrict access to the resource from the Internet/Intranet.

• Web pages
• Workflow forms

In both cases, the configuration panel shows a field labeled security, which default to Public access.

Create a custom user directory

Custom user directory are a critical piece of managing user information. They are used throughout Business Pilot for the following:

• Store users profiles
• Protect online resources in the web site section
• Restrict access to some workflows online

Custom directories definitions rely on an existing user directory database back-end (see user manual). They filter users from the back-end database table based on a rule that you define. For instance, let's imagine that you have users stored in the database table serving as a directory back-end. You then want to create a custom directory where only users with an email address ending with "e;mycompany.com"e;, for instance to idenfy your employees. A user will belong to your custom directory only if that rule is valid for this user.

This technique allows for the creation of multiple and unique custom directories, while keeping a single data source (the database back-end) to store the users. This eliminates many maintenance headaches. For instance, if John Doe is both an employee and a customer, then he would belong to two custom directories. Because his information is stored in only one place, if he ever wanted to change his password, for example, there would only be one update needed. The illustration below shows the relationship between a directory back-end and the custom directories.

To create a new custom user directory, you must have a user directory database back-end. Select the User Directories folder in the repository view. Then pick Database->Create custom user directory from the main menu bar. Follow the instructions on the wizard to create the directory and the filtering rule.