Access Levels

Post Reply
JasonMacKenzie
Posts: 1
Joined: 08 Apr 2011, 16:34

Hello,

Does the Essential Project support role based security of any kind? i.e. Read or write access to the metamodel Do you need to log into the software via a username or SSO?

Thank you very much.

Jason MacKenzie
User avatar
neil.walsh
Posts: 444
Joined: 16 Feb 2009, 13:45
Contact:

Hi Jason,

Essential supports some very basic role-based security with just three roles - read, read/write and admin. These are at a repository level so it's all or nothing in terms of the content. Access is configured in the meta-project when setting up a multi-user environment.

In the Viewer (which by its very nature is read-only), there is no built in security in the application however it's easy to add some basic Tomcat security on this. Some organisations have gone further and integrated this with their AD or LDAP directories by creating roles/groups and assigning people to those. It's also possible to have multiple viewer environments with different configurations and apply different Tomcat security to each to control access to different views.

Thanks for your interest in Essential

Neil
Stepan Karandin
Posts: 17
Joined: 24 Jul 2017, 11:41

Hi, Team
Is there any change since 2015? Could we manage access to entities at Viewer, not Views at AppServer level?
User avatar
neil.walsh
Posts: 444
Joined: 16 Feb 2009, 13:45
Contact:

Hi Jason,

There haven't been any changes to the security model in the Open Source version of Essential and my previous post below describes the current capabilities well. It's just read, read/write and admin at a repository level (not an entity level). There are unlikely to be any significant changes as this is a limitation of the underlying Protege toolset.

However, the Essential Cloud version has a sophisticated security model which can control access at a class / slot / instance level both in the modeller interface and Essential Viewer. It can also integrate with your directory using SAML for authentication.

Can you give an example of what you're looking to control access to and how you'd like it to work?

Cheers

Neil
Stepan Karandin
Posts: 17
Joined: 24 Jul 2017, 11:41

Hi, Neil
My company has a number of projects. Some of them are confidential and we would like to show this projects for the special people only.
It's O'kay to read/write the whole universe under Protégé but at Viewer we would like to have granularity.
sarah.smith
Posts: 56
Joined: 04 Feb 2009, 15:44

Hi Jason,

In Open Source Essential the access control available in the viewer is as my colleague Neil described in his earlier email:

In the Viewer (which by its very nature is read-only), there is no built in security in the application however it's easy to add some basic Tomcat security on this. Some organisations have gone further and integrated this with their AD or LDAP directories by creating roles/groups and assigning people to those. It's also possible to have multiple viewer environments with different configurations and apply different Tomcat security to each to control access to different views.

However, as he mentioned, in Essential Cloud you can manage security to a very granular level in both the viewer and the modeller, so you can assign roles and restrict access by class or even instance, allowing you, for example, to give only certain people the ability to see a specific project, or costs, or an application and so on, in the viewer.

Hope that helps

Sarah
The Essential Project Team
Post Reply