Hi Joel,
To understand OFBiz Security you can go through this document
https://cwiki.apache.org/confluence/display/OFBTECH/OFBiz+security
The other thing(The add userlogin to security group evaded me?) I think you
couldn’t find can be tracked through request ProfileAddUserLoginToSecurityGroup
in Party. (I checked this on trunk and release 13.07)
Here is what I could find service in services_security.xml
<!-- UserLogin to SecurityGroup services -->
<service name="addUserLoginToSecurityGroup" engine="entity-auto"
invoke="create" default-entity-name="UserLoginSecurityGroup" auth="true">
<description>Add a UserLogin to a SecurityGroup</description>
<permission-service service-name="securityPermissionCheck"
main-action="CREATE"/>
<attribute name="userLoginId" type="String" mode="IN" optional="false"/>
<attribute name="groupId" type="String" mode="IN" optional="false"/>
<attribute name="fromDate" type="Timestamp" mode="IN" optional="true"/>
<attribute name="thruDate" type="Timestamp" mode="IN" optional="true"/>
</service>
I found it in both i.e. trunk and 13.07 code. Are you using any other release
then please mention.
HTH.
Pranay Pandey
HotWax Media
http://www.hotwaxmedia.com
ApacheCon US 2014 Silver Sponsor
http://na.apachecon.com/sponsor/our-sponsors
On Oct 1, 2014, at 2:33 AM, [email protected] wrote:
> I am adding logic to create ofbiz users.
> I do auth based on our other project and once I confirm a good user I want
> to add a user that has purchase/ receiving rights.
> I could find the add group user java and the add userlogin java.
> The add userlogin to security group evaded me? I could find it was in a
> security_service.xml in service def.
> It did not have java or a location. I am still new to all this. I thought
> that would mean it was in the script path but I did grep and could not find
> the code that actualy added the userlogin to the security group.
> I copied the java being used to create the group and userlogin and am able
> to create my record to allow the user login the appropriate security group.
> I just was curious if any of you are familuar with the where ofbiz does the
> job? I normally just call the service in the original component, but since
> this was pretty cusomized I decided to pull it out and just do it in my auth
> program i wrote in java. Works great can even tell what level the user is in
> our other app and based on that give permissions, or a page that says no
> permissions etc. Still not 100% sure how to deal with session time outs as
> the users don officially have a login and password. I am just displaying
> ples access via other application menu for now. I did have it going to
> login, but I might try to keep the credentials in hidden variables so if the
> session times out they can re-auth with the other app.
>
>
>
> -----
> Joel Fradkin
> --
> View this message in context:
> http://ofbiz.135035.n4.nabble.com/adding-a-user-login-to-a-security-group-tp4656265.html
> Sent from the OFBiz - User mailing list archive at Nabble.com.
