About Security

Since OnePart requires users to be logged in, OnePart MUST always have a security source configured even if there is no need to apply security to files. For this reason, OnePart deploys the default security sources:

This task shows you how to:

Context:

  • app_login, is deployed as an Apps Multi-Security source. You can add/modify security sources to the default configuration. It is configured with default security sources:

    • app_local_windows, the Local Windows Security source on a clean OnePart installation. Users log into OnePart using the same login and password as declared on the OnePart Windows Server.

    • app_admin, the simple security source with encrypted passwords used for app-admin

    • app_demo, a Simple Security source on a OnePart installation that includes the demo configuration. You log in as one of two users to view the demo data: user1 and user2 (password is the same as the user name).

    • app_login_filter, a Filter Security Source includes the demo configuration. You log in as one of two users to view the demo data: user1 and user2 (password is the same as the user name).

    • cas_no_sec, No Security Security Source is used when there is no security source to be defined.

    • cas_filter, Filter Security Source is used when you need to apply security to specific OnePart groups.

    • app_console, the Exalead CloudView admin security source designated for the OnePart Console.

How it works?

Use case 1 - OnePart Security for an installation with demo data



Use case 2 - Security for OnePart configured with multiple sources

Context:

This example illustrates the OnePart security. This assumes that all sources have been added in the OnePart Console. For each source added, the appropriate security source is added.



Supported security sources

There are dedicated security sources in Exalead CloudView for commonly deployed Windows and LDAP implementations. For example:

Context:

Type

Parameters required

Active Directory (Microsoft windows user/group repository)

address: Domain controller address, such as office.exalead.com

user and password: the specified user must have read-access on the directory server content.

base: the search base, such as cn=Users,dc=office,dc=exalead,dc=com.

LDAP

See the Exalead CloudView Administration Guide: Configuring security sources.

Local Windows Security Source

domain: Domain that should be used to identify the user.

loginAsToken: To push the login as a security token.

For details on additional supported types, see the Exalead CloudView Administration Guide: Configuring security sources.

Implementing document security

App Security is a new way to handle security for OnePart. Instead of using classic ACL/source-based security via Exalead CloudView, OnePart administrators are able to define security rules based on user logins and/or security tokens and Exalead CloudView queries.

Context:

OnePart supports 2 different security implementations: