Hello Phil; The first two turn out to be closely related. The place to look for documentation on this is the TBL Admin Guide (http:// www.topquadrant.com/docs/tbl/tbladmin/index.html), but I've noticed that the 3.5 version isn't up yet. We'll work on that.
1 & 2) To control access to the admin tools, set permissions on the All Management Information item. For example set "May be read by" to "manager" and "May not be read by" to "everyone". Same for modify. Save and refresh the browser before checking the Final Permissions page. 3) It's not clear to me what the TBLUser is. It can be safely ignored. The roles defined in your LDAP server will appear as instances of Roles. 4) This is a characteristic of container managed security from the Servlet specification. The system will not know about users until they have logged into TBL. -- Scott On Jun 2, 4:29 pm, Phil <[email protected]> wrote: > We are currently using LDAP in conjunction with security roles > assigned via the "Access Control" menu option to secure the various > applications. However, we have several questions about the use of the > permissions editor and could not find any documentation either online > or within the TBL installation .zip file. > > First - how do we control access to the adminstrative tool itself? > For example, how do I configure permissions such that an end user > can't reconfigure the security screens himself? Or prevent an end > user from clearing all sessions? > > Second - What is the "All Management Information" entry in the "Items > Hierarchy" on the "Access Control List Editor" page? Is that > something we should assign users to? > > Third - Under the "Agents Hierarchy", there is a group called > "TBLGroup". What is that? > > Fourth - the permissions editor seems to record users only after > they've logged in since the last time TBL was restarted. For example, > when I view the "Users & Groups" page, it only show 2 known users when > I know for a fact that I've had at least 4 users in the system. > However, it may be true that only 2 have logged in since the last TBL > restart. Perhaps it's cached in the "server.topbraidlive.org" file - > we often delete this file and restart TBL because of the caching > issues we've seen within TBL. > > If you have any documentation about the Access Control List Editor > screens and functionality, that would be great. > > Thanks, > Phil -- You received this message because you are subscribed to the Google Group "TopBraid Suite Users", the topics of which include TopBraid Composer, TopBraid Live, TopBraid Ensemble, SPARQLMotion and SPIN. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/topbraid-users?hl=en
