CodeCharge Studio

Implementing Security

A necessary prerequisite to the implementation of any security within a project is the creation of a login page to authenticate users.

To create a security login page:

  1. Select the Login Page from the Home tab.
  2. If you want to add a login form to an existing page, you can use the Authentication Builder to create the form within the page. Once you have a login page in the project, you can configure the project security settings.

Project Security Settings

To setup security for a project:

  1. You need to specify the database table and fields that contain the user information. This is done using the Security and Security Groups sections of the Project Settings windows.
  2. In the Security section, you have to specify the database table that contains the user details as well as the fields within the table that contain particular information. This information includes:
  3. By clicking the "Advanced..." button you can open the Advanced Security Settings dialog where you can configure additional parameters, such as the names of session variables associated with an authenticate user, password encryption, and the 'Remember Me' feature.

By default, session variables are created for the User ID Variable, User Login Variable and Group ID Variable only. If other session variables are to be used you need to write custom code for them. Please see the Create Custom Session Variables example.


Security Groups

If the site users are categorized into different groups, you can use the Security Groups section to setup group ID's and names. The Group ID values should correspond to the database field that specifies the group to which each user belongs.

The group ID's are setup in a hierarchical manner such that users with a higher group ID have more security clearance than users with a lower ID. If this is the case, you can check the Higher Level Inclusive of Lower Levels checkbox so that users with a higher group ID can access all the pages that are accessible by users with a lower group ID.

You can uncheck the Higher Level Inclusive of Lower Levels checkbox if you want each group ID to be strictly allowed to access pages designated for that group only. In this case, a user with a group ID such as 3 will not be able to access a page designated for any other group ID.

Page Level Security

You can specify the users who are allowed to access a page by using the Restricted property of the page in the page Properties window. When the Restricted property is set to No, all users can access the page without having to login.

  1. If the Restricted property is set to Yes, you can click [...] next to the property to further specify the groups that are allowed to access the page.
  2. The Page Security Groups window shows the various groups that are currently setup and allows you to specify which groups should be able to access the page. For instance, users belonging to the Admin group can access the page but not users belonging to the User group. You can also click on the Groups... button to add new groups.

Form Level Security

Apart from setting security at the page level, you can also set form level security. This is done using the Restricted property of the form.

  1. Click [...] next to the Restricted property to set the groups that should be allowed to access the form. The extent to which the groups can be configured depends on the type of form.
  2. In the case of record forms, you can set group access based on the different operations that can be performed in a record form. The four operations are Read, Insert, Update, and Delete. A group with Full access is able to perform all the four operations.

    When setting security at the form or the page level, note that giving access to all groups is not the same as not setting any security at all. If all groups have access, each member of any of the groups is still required to login. This means that people who are not registered in the database will not be able to access the form or page.

See also

On-line, printable versions and updates