MIDRANGE dot COM Mailing List Archive



Home » MIDRANGE-L » February 2013

Re: How to secure IBM Navigator For I



fixed

Lorne,

Your requirements are very worthwhile in my view. You should use the COMMON Requirements process to put the requirements into the CAAC and get them to consider it. I'll bet it will be looked at with much favor.

Jim Oberholtzer
Chief Technical Architect
Agile Technology Architects

On 2/6/13 4:28 PM, Lorne Sturgeoff wrote:
Thanks, Jim.

What I'd really like is to be able to specify which user profiles have
access to the Web application and then, within the application, I'd like to
be able to control which functions appear on the left panel. Some users only
need Basic Operations. They don't need to know that the other stuff exists.

We have attempted to secure the underlying commands where possible and we
have invoked Application Administration for those items that it covers.
Application Administration will create an access error if someone tries to
access something for which he/she is not authorized but it will not mask
those items in the web app.

Cheers,
Lorne.

"Jim Oberholtzer" wrote in message
news:mailman.14253.1360186671.10847.midrange-l@xxxxxxxxxxxx...

What Rob is pointing out is the Application Administration is
independent of the thick client or the web based client. It will act on
both.

You are correct that the Application is not quite granular enough at
some levels but it can block most things. You'll need to look to the
underlying commands and APIs to really restrict those functions. You can
start by making sure your users do not have *JOBCTL or *SPLCTL. That
will go a long way to achieving what you want if I understand the
requirements properly.

Jim Oberholtzer
Chief Technical Architect
Agile Technology Architects

--






Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2014 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact