This is the eighth and final blog in our tutorial series on the best solutions from Logi’s Expert-on-Demand (EOD) team. In our previous blog, we looked at Logi Hybrid Security, which allows for single sign-on authentication with available standard security from outside of a parent application. Now, let’s talk about further increasing the security of your application with the Logi Shell Application, a security shell complete with a menu as well as a user and report security administration interface.
Our Shell Application utilizes Logi standard security and requires a database connection. For this example, we are using a Microsoft SQL Server database (note that thesplit()user function must be available within the database).
The Logi Shell Application comes with an interface to administer both user and report security. In this interface, you can create, edit, clone or delete users as well as define user roles and apply them to both users and reports. As an admin, you can admin users, set their roles, invent a role, and add the individuals to those roles.
You can also do the same thing with reports. When you add roles to reports, the associated security rights are added to the report as well. This not only changes the menu system, but security is also added to the report level through an included plug-in.
Dynamic Menu System
Our dynamic menu system is based on the current user’s security role. User access is restricted via the menu as well as the report’s Security Report Right ID property. If a valid user obtains a direct link to a report they do not have rights to view, they will receive an “Access Denied” message.
For example: I can set the security level of a report to Logi 16, and only those users will be able to view that report. To take it one step further, the menu is dynamic as well; so when a user logs in, the menu changes based on the security rights of both the report and the user.
User passwords are stored in the SQL database using an MD5 Hash. SQL Server also supports other hash encryption as well as encryption by certificate and key.
As you can see in Figure 2 below, if you log in as admin, the right-hand corner displays the user’s information and their security roles. You can also see User Administration and Report Administration. Any of the reports that fall within that menu system are contained in the subreport or subfolder in Logi Studio. So if you want to add a new report to the Finance subfolder, for instance, you could do that there.
See the Logi Shell Application in action here >
User: Admin1, Password: password
User: Sales1, Password: password
User: Finance1, Password: password
User: User1, Password: password