AX2588

The Security Management dialog

All security settings for Axiom are controlled in the Security Management dialog. To access this dialog:

• On the Axiom tab, in the Administration group, click Manage > Security > Security Manager.

  NOTE: In systems with installed products, this feature may be located on the Admin tab. In the System Management group, click Security > Security Manager.

Only users with the following permissions can access the Security Management dialog:

• System administrators
• Users with the Administer Security permission
• Users assigned as a subsystem administrator

Viewing users, roles, and subsystems

Users, roles, and subsystems are listed in the left-hand side of the dialog. To switch between items, select one of the radio buttons at the top of the dialog. By default, users are displayed.

• You can sort the user list by last name, first name, and login name. To change the sort, select the desired option from the Sort By list. By default, the list is sorted by last name.

• To search for a particular user, role, or subsystem, type the name into the search box at the top of the list. To clear the search, click the Clear filter icon to the right of the search box. Note that this will search the user's login name as well as first and last name.

• To show or hide users by their enabled status, use the Enabled and Disabled check boxes. By default, both check boxes are selected which means that all users are shown (enabled and disabled).

When a user, role, or subsystem is selected in the list, the settings for that item display in the right-hand side of the dialog, organized by tabs.

TIP: You can double-click on any user, role, or subsystem name listed in the Assigned Users / Assigned Roles / Assigned Subsystems sections to open that record.

NOTE: Subsystems are optional in systems without installed products. Subsystem features are only available if you have enabled them using the system configuration settings.

Editing security

Changes made in the Security Management dialog are reflected in "real-time" within the dialog. If a required setting is missing, a validation message appears in the bottom left of the dialog. You can click on the message to be taken to the applicable setting. This issue must be resolved before you can save any changes.

At any time you can save changes by clicking Apply (to leave the dialog open) or OK (to close the dialog). In most cases, changed security permissions will be effective within seconds of being saved; the user does not need to log out and log back in before changes are applied.

Effective permissions

Several tabs of the Security Management dialog, such as the File Groups tab and the Tables tab, display the effective permissions for the user. This is the permission that the user has after applying all of the relevant security settings, including inherited role permissions, subsystem restrictions, and administrator permissions. This allows you to understand exactly what permission the user has.

For example, if you select a table type or a table in the Tables tab, the Configured Permissions section displays what permissions have been granted at the user level, and the Effective Permissions section displays the actual access rights of the user. In the following example screenshot, although the user herself has no configured access to the table type, her effective permission is full access. This means that either the user is assigned to a role with full access to the table type, or the user has been granted administrator rights. You can see exactly which rights contribute to the effective permissions by clicking the Show Details link.

As edits are made in the dialog, those changes are reflected in the effective permissions immediately. For example, if you grant a user permission to Administer Imports, and then switch to the Files tab, the effective permissions for the Imports Library will reflect that the user has full permissions to all imports, even though the change has not yet been saved.