Re: 4D Authentication Strategy...

2019-01-09 Thread Tim Nevels via 4D_Tech 
On Jan 9, 2019, at 11:08 AM, Tom Benedict  wrote:

> You have clearly a lot of experience with this, and I have none, so I 
> probably shouldn’t have joined the thread. However, I have a long standing 
> interest in SSO and Authentication in general. 
> 
> What I’ve found, after working many years for a large enterprise organization 
> which has very high information security standards, is that System 
> Administrators don’t like custom user access systems and Auditors like them 
> even less. What they do like are things like Active Directory and LDAP. So my 
> point is that any 4D app in an enterprise environment should use the 
> enterprise standard. Now that 4D has the tools to use Active Directory, they 
> should be used exclusively, without any custom feature access management 
> buried inside the application. System Administrators want to set access 
> privileges in Active Directory, not in 4D (and they definitely don’t want to 
> do it both places). I’ve never done the work in 4D, so I don’t have any 
> implementation details on how this would be done in 4D, but it appears, from 
> the 4D Blog posting, that v17R3 can do this.

Hi Tom,

You can remove all users and access privileges from 4D and put time into Active 
Directory. You may have to create some Custom Active Directory Attributes to 
store the information needed for you access privileges — what groups a user 
belongs to as an example. Then you can use the 4D LDAP commands to query Active 
Directory for this information in the users account. It is totally doable with 
v17. 

I asked client that I have implemented the 4D SSO system I’ve been talking 
about if they wanted to move everything to Active Directory. We talked about 
what custom attributes would need to be created and the cost to do all of this. 
They decided to start with just the authentication part and leave the user 
access privileges in 4D for now. At some point in the future we plan to move 
all the user privileges out of 4D and put them into Active Directory. 

Tim

*
Tim Nevels
Innovative Solutions
785-749-3444
timnev...@mac.com
*

**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: v13+ - Hidden tables

2019-01-09 Thread Chip Scheide via 4D_Tech 
Thanks!

On Wed, 9 Jan 2019 07:44:23 -0800, Tom Benedict wrote:
> Hi Chip,
> 
> Here’s a link which may help:  
> https://doc.4d.com/4Dv15/4D/15/System-Tables.300-2288116.en.html 
> 
> 
> Tom Benedict
> 
>> On Jan 9, 2019, at 07:05, Chip Scheide via 4D_Tech 
>> <4d_tech@lists.4d.com> wrote:
>> 
>> Is there documentation regarding the hidden tables, such as 
>> _USER_CONSTRAINTS, of a structure?
>> If so where?
>> 
>> 
>> Thanks
>> Chip
>> ---
>> Gas is for washing parts
>> Alcohol is for drinkin'
>> Nitromethane is for racing 
>> **
>> 4D Internet Users Group (4D iNUG)
>> Archive:  http://lists.4d.com/archives.html
>> Options: https://lists.4d.com/mailman/options/4d_tech
>> Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
>> **
> 
---
Gas is for washing parts
Alcohol is for drinkin'
Nitromethane is for racing 
**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: 4D Authentication Strategy...

2019-01-09 Thread Tom Benedict via 4D_Tech 
Hi Tim,

You have clearly a lot of experience with this, and I have none, so I probably 
shouldn’t have joined the thread. However, I have a long standing interest in 
SSO and Authentication in general. 

What I’ve found, after working many years for a large enterprise organization 
which has very high information security standards, is that System 
Administrators don’t like custom user access systems and Auditors like them 
even less. What they do like are things like Active Directory and LDAP. So my 
point is that any 4D app in an enterprise environment should use the enterprise 
standard. Now that 4D has the tools to use Active Directory, they should be 
used exclusively, without any custom feature access management buried inside 
the application. System Administrators want to set access privileges in Active 
Directory, not in 4D (and they definitely don’t want to do it both places). 
I’ve never done the work in 4D, so I don’t have any implementation details on 
how this would be done in 4D, but it appears, from the 4D Blog posting, that 
v17R3 can do this.

Having said that, I think there are lots of places where ‘hybrid’ systems like 
the ones you’ve described are appropriate.

BTW, at my previous employer, a Fortune 6 company, the term SSO meant that you 
had one username and password which you had to enter every time you logged into 
an application. That’s not the traditional definition of SSO, and I was annoyed 
every time I had to log in using the “Single Sign On” dialog! So, there seems 
to be a range of definitions for SSO. 

Tom Benedict

> On Jan 9, 2019, at 08:25, Tim Nevels  wrote:
> 
> On Jan 8, 2019, at 10:36 AM, Tom Benedict  wrote:
> 
>> Here’s a link to instructions on how to set up a test Active Directory 
>> instance which might work for your testing. I haven’t tried it yet. 
>> https://auth0.com/docs/connector/test-dc It might help.
>> 
>> As far as switching between 4D Authentication and SSO, I’m thinking that 
>> would be very useful. Even Microsoft SQL Server offers the option of 
>> Authentication via Windows Login (Active Directory) or SQL Server Login at 
>> client login time. The documentation doesn’t mention that kind of support 
>> though. 
>> http://doc.4d.com/4Dv17/4D/17/Single-Sign-On-SSO-on-Windows.300-3743254.en.html
>>  I haven’t verified this.
> 
> Hi Tom,
> 
> It is up to you the 4D Designer and developer of your application to do the 
> switching. You must do this via programming code and settings changes you 
> make in the Design environment. 4D’s SSO implementation is just to make the 
> “Current client authentication” command work. That’s it. 
> 
> You say “switching between 4D Authentication and SSO”, but exactly what do 
> you mean? Is “4D Authentication” mean using the built in 4D User and Groups 
> system and the dialog box that 4D provides when you have assigned a password 
> to the Designer user?
> 
> What do you mean when you say “SSO”? Are you saying you have turned on the 
> “Authentication of user with domain server” checkbox? Because once you turn 
> on that checkbox your database continues to function exactly the same as if 
> it is off. Nothing new happens. 
> 
> If your database shows the 4D User dialog box to allow selecting a user and 
> typing in a password, turning on the “Authentication of user with domain 
> server” checkbox will not change that. The dialog box will still be displayed 
> to users when they try to connect to 4D Server. 
> 
> You must change your database so that it does not display the 4D User login 
> dialog box. You must make that stop appearing by using the “Default user” 
> option.  
> 
> https://doc.4d.com/4Dv17/4D/17/Setting-a-Default-User.300-3743513.en.html
> 
> Then you can write code in your “On Startup” method to call the “Current 
> client authentication” command and do something with the information it 
> returns. You decide via your programming code whether to let the user get 
> into your application or you call “QUIT 4D” and not let them in. 
> 
> Tim
> 
> *
> Tim Nevels
> Innovative Solutions
> 785-749-3444
> timnev...@mac.com
> *
> 

**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: 4D Authentication Strategy...

2019-01-09 Thread Tim Nevels via 4D_Tech 
On Jan 8, 2019, at 6:38 AM, Robert ListMail  wrote:

> Right, I understand the SSO as originally explained—that was very helpful. 
> Yet, for testing purposes at my location (without the authentication server) 
> or at the client site when you might need to login as a specific user, how 
> might you switch to/from SSO or not? I suppose there is an authentication 
> sequence used by 4D where it tries to use SSO if the checkbox is checked in 
> preferences and if no server is found or the authentication 4D code is not 
> called then the traditional built-in 4D Password system will be in effect? 
> See? I’m not sure how to switch or when SSO is automatically in play.

Hi Robert,

When you turn on SSO on 4D Server with the “Authentication of user with domain 
server” checkbox, that just makes the “Current client authentication” command 
work. That’s it. Turning on that checkbox does not automate anything for you. 
The name of the checkbox may make you think that 4D will do something for you 
when you turn it on, but it really does nothing but make a single command 
return a value you can rely on. 

You are in control of everything. There is nothing handled for you 
automatically. You program your 4D application to work the way you want it to 
work. It is all up to you.  You must write code to do what you want. 

Seems like people think that turning on the “Authentication of user with domain 
server” checkbox on 4D Server will cause 4D to do something for you. Do some 
work for you. Make something happen for you. It doesn’t. All it does is make 
“Current client authentication” command return a value on Windows that you can 
trust. 

How you use the information from the "Current client authentication” command is 
completely up to you. 

Tim

*
Tim Nevels
Innovative Solutions
785-749-3444
timnev...@mac.com
*

**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: 4D Authentication Strategy...

2019-01-09 Thread Tim Nevels via 4D_Tech 
On Jan 8, 2019, at 10:36 AM, Tom Benedict  wrote:

> Here’s a link to instructions on how to set up a test Active Directory 
> instance which might work for your testing. I haven’t tried it yet. 
> https://auth0.com/docs/connector/test-dc It might help.
> 
> As far as switching between 4D Authentication and SSO, I’m thinking that 
> would be very useful. Even Microsoft SQL Server offers the option of 
> Authentication via Windows Login (Active Directory) or SQL Server Login at 
> client login time. The documentation doesn’t mention that kind of support 
> though. 
> http://doc.4d.com/4Dv17/4D/17/Single-Sign-On-SSO-on-Windows.300-3743254.en.html
>  I haven’t verified this.

Hi Tom,

It is up to you the 4D Designer and developer of your application to do the 
switching. You must do this via programming code and settings changes you make 
in the Design environment. 4D’s SSO implementation is just to make the “Current 
client authentication” command work. That’s it. 

You say “switching between 4D Authentication and SSO”, but exactly what do you 
mean? Is “4D Authentication” mean using the built in 4D User and Groups system 
and the dialog box that 4D provides when you have assigned a password to the 
Designer user?

What do you mean when you say “SSO”? Are you saying you have turned on the 
“Authentication of user with domain server” checkbox? Because once you turn on 
that checkbox your database continues to function exactly the same as if it is 
off. Nothing new happens. 

If your database shows the 4D User dialog box to allow selecting a user and 
typing in a password, turning on the “Authentication of user with domain 
server” checkbox will not change that. The dialog box will still be displayed 
to users when they try to connect to 4D Server. 

You must change your database so that it does not display the 4D User login 
dialog box. You must make that stop appearing by using the “Default user” 
option.  

https://doc.4d.com/4Dv17/4D/17/Setting-a-Default-User.300-3743513.en.html

Then you can write code in your “On Startup” method to call the “Current client 
authentication” command and do something with the information it returns. You 
decide via your programming code whether to let the user get into your 
application or you call “QUIT 4D” and not let them in. 

Tim

*
Tim Nevels
Innovative Solutions
785-749-3444
timnev...@mac.com
*

**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: v13+ - Hidden tables

2019-01-09 Thread Tom Benedict via 4D_Tech 
Hi Chip,

Here’s a link which may help:  
https://doc.4d.com/4Dv15/4D/15/System-Tables.300-2288116.en.html 


Tom Benedict

> On Jan 9, 2019, at 07:05, Chip Scheide via 4D_Tech <4d_tech@lists.4d.com> 
> wrote:
> 
> Is there documentation regarding the hidden tables, such as 
> _USER_CONSTRAINTS, of a structure?
> If so where?
> 
> 
> Thanks
> Chip
> ---
> Gas is for washing parts
> Alcohol is for drinkin'
> Nitromethane is for racing 
> **
> 4D Internet Users Group (4D iNUG)
> Archive:  http://lists.4d.com/archives.html
> Options: https://lists.4d.com/mailman/options/4d_tech
> Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
> **

**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

v13+ - Hidden tables

2019-01-09 Thread Chip Scheide via 4D_Tech 
Is there documentation regarding the hidden tables, such as 
_USER_CONSTRAINTS, of a structure?
If so where?


Thanks
Chip
---
Gas is for washing parts
Alcohol is for drinkin'
Nitromethane is for racing 
**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: Property List

2019-01-09 Thread Keisuke Miyako via 4D_Tech 
perhaps you are using TeamViewer QuickConnect

https://kb.4d.com/assetid=77767

2019/01/09 23:41、stardata.info via 4D_Tech <4d_tech@lists.4d.com>のメール:

Hi all,

I use 4D V13.4 for one my application on windows.

If i chose to see the Property list in the designer environment for one form, 
the window

of property list is fixed and I cannot change the dimensions and i cannot close 
using the cross

in the title of property list window. Does someone have suggestions?



**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Property List

2019-01-09 Thread stardata.info via 4D_Tech 

Hi all,

I use 4D V13.4 for one my application on windows.

If i chose to see the Property list in the designer environment for one 
form, the window


of property list is fixed and I cannot change the dimensions and i 
cannot close using the cross


in the title of property list window. Does someone have suggestions?

Thanks
Ferdinando

**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: Subject: Re: Amazon EDIFACT/X12 Gateway

2019-01-09 Thread Peter Jakobsson via 4D_Tech 
Hello Jim

I just saw this message. Thanks for replying - interesting case.

Regards

Peter

> On 7 Jan 2019, at 16:45, Jim Medlen via 4D_Tech <4d_tech@lists.4d.com> wrote:
> 
> We have an account with OpenText an EDI VAN (Value Added Network)
> We use their software to Send and receive EDI documents.

**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**

Re: v13- Chasing Relations

2019-01-09 Thread Pat Bensky via 4D_Tech 
Chip,
I think you would have to
- Iterate through all the tables and all their fields
- Build a map of all the relations (maybe a simple pair of arrays for the
parent and child table numbers) with GET RELATION PROPERTIES
- then you'll easily be able to check the map to find out what's related to
what

Sounds a bit long-winded but it should be fairly fast.

Pat



On Tue, 8 Jan 2019 at 21:58, Chip Scheide via 4D_Tech <4d_tech@lists.4d.com>
wrote:

> Thanks!
>
> As you might guess from the pseudo code, I am looking to have some
> generic code to check for record dependencies before doing something
> (most likely deletion)
>
> So, given a record in [Table], I want to follow (1 level) all relations
> to check for related record dependancies, and kick back a
> warning/boolean that there are/are not dependancies.
>
> Chip
>
> On Tue, 8 Jan 2019 21:38:06 +, Keisuke Miyako via 4D_Tech wrote:
> > I follow every 1-to-n and n-to-1 relations in this component
> >
> > https://github.com/miyako/4d-component-classic-query-editor
> >
> > mind you, relations can be circular...
> >
> > 2019/01/09 5:47、Chip Scheide via 4D_Tech
> > <4d_tech@lists.4d.com>のメール:
> >
> > --- if there are 1 or more relations, I want 'follow' each relation to
> > determine if there exists 1 or more related records at the other end of
> > the relation - I am not sure I know how to do this
> >
> >
> >
> > **
> > 4D Internet Users Group (4D iNUG)
> > Archive:  http://lists.4d.com/archives.html
> > Options: https://lists.4d.com/mailman/options/4d_tech
> > Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
> > **
> ---
> Gas is for washing parts
> Alcohol is for drinkin'
> Nitromethane is for racing
> **
> 4D Internet Users Group (4D iNUG)
> Archive:  http://lists.4d.com/archives.html
> Options: https://lists.4d.com/mailman/options/4d_tech
> Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
> **



-- 
*
CatBase - Top Dog in Data Publishing
tel: +44 (0) 207 118 7889
w: http://www.catbase.com
skype: pat.bensky
*
**
4D Internet Users Group (4D iNUG)
Archive:  http://lists.4d.com/archives.html
Options: https://lists.4d.com/mailman/options/4d_tech
Unsub:  mailto:4d_tech-unsubscr...@lists.4d.com
**