Skip to main content

This is documentation for Caché and Ensemble. See the InterSystems IRIS version of this content.Opens in a new tab

Please read this important announcement about the future of Caché and Ensemble maintenanceOpens in a new tab. Contact your account team to migrate to InterSystems IRIS.

Example Two: Protecting an Application with a Resource

In this part of the example, we protect the Zen application with a resource. Only users that are members of roles granting them permissions on the resource are able to access HomePage.cls.

Before beginning, complete the following preliminary steps:

  1. Add a user (user name is JSmith, password is JSmith) to Caché. Read Creating a User for instructions.

  2. Add a new resource (SecurityTutorialResource). Assign the resource no public permissions. Read Creating a Resource for instructions.

  3. Create a new role (SecurityTutorialRole). Add the SecurityTutorialResource:USE privilege to the role. Read Creating a Role for instructions.

After completing the above preliminary steps, do the following:

  1. Edit the CSP Application definition for the /csp/user application (click [Home] > [System Administration] > [Security] > [Applications] > [Web Applications] and then click /csp/user). In the dropdown box labeled Resource required to run the application, select SecurityTutorialResource. Verify that the Enabled box is checked. Click Save.

    generated description: app cspapps6 20142

  2. Open HomePage.cls in a browser. You can do this from Studio by opening the file and clicking View–>Web Page.

  3. Enter JSmith for both the User and Pwd fields. Click Login. Since the user JSmith is not a member of any role holding privileges on the SecurityTutorialResource resource, the log in fails. You will see an error message in your browser. Exactly what you see depends upon your browser.

  4. Next, add JSmith to the SecurityTutorialRole role. For instructions read Adding a User to a Role.

  5. Once again, open HomePage.cls in a browser.

  6. Enter JSmith for both the User and Pwd fields. Click Login. Since JSmith is now a member of the SecurityTutorialRole, which holds USE privileges on SecurityTutorialResource resource, the log in succeeds. HomePage.cls loads into the browser:

    generated description: app cspapps7 20111

Note:

HomePage.cls shows that JSmith is a member of the %DB_USER role as well as the SecurityTutorialRole role. The CSP application automatically adds users to this role while they use the application. It is called an Application Role. A later section of the tutorial discusses Application Roles.

Next sectionExample Three: Application Roles
Previous sectionExample One: Disabling an Application
FeedbackOpens in a new tab