User Profiling

User Profiling

Having a strong but flexible system for data protection  is extremely important in those applications where sensitive data are stored.

Thanks to its architecture, CMDBuild is able to manage access permissions to objects in a logical and granular way.

In a logical way because it is independent from the channel of the origin of the request, whether it comes from the desktop user interface or from a SOAP webservice (or other applications) or REST (mobile interface or GUI Framework or other applications).

In a granular way because the grants and roles can be defined on classes and process, search filters, views, reports, dashboards.

On classes and processes it is also possible to:

  • specify access permission (no access, view only, edit) for each class/process
  • restrict such permission to a subset of data sheets/process, using filters that can be applied to any attribute for the class, or to the relations with other classes, or returned by specific and complex database functions
  • restrict such permissions to a subset of the attributes of that class/process, through a direct selection

The permissions are always assigned to groups of users and each user can belong to one or more groups, so you can decide whether your group can operate with normal restrictions or with the combination of every groups restriction.

For each group of users a custom menu can be configured.

User authentication can be performed by:

  • local control on CMDBuild databases
  • local control of user presence in CMDBuild databases and password control on LDAP system
  • activating a system SSO (Single Sign On) through additional product installation such as open source CAS
Useful links
Administrator Manual: User groups, Users, Menu

We use cookies on this site to enhance your user experience. By continuing to browse our website you are agreeing to how we use cookies. Cookie Policy