2. PHPRunner General questions
  3. Question about setting up security
This topic is locked

Question about setting up security

 		4/16/2007 18:06:16
PHPRunner General questions
L
 larsonsc author

OK, right now I am trialing the v4.0 beta and I have been asked by the group that I work with to implement security on our records system in the system itself rather than just through the web server. My production version of the application was built most recently with 3.1 build 218, however I'd prefer to just work all of the new changes in with version 4 if I can while I am testing it on my local server. My main questions are listed below, and I apologize if these have been asked and answered before, I'm not seeming to phrase my searches correctly to get the answeres I'm looking for.

  1. Is the security per page/view/report or does one login cover the whole application?
  2. Does anyone have a link to a discussion here about setting up a user authentication table?
  3. How will implementing security now (after the application has been in production for about 4 months) affect the existing records in the system?
    Thanks for any help anyone can offer.
T
 		thesofa 4/17/2007

What sort of user authentication do you want, you can include the values in the application, or you can use a table in the Application's databse or another table outside of the applications database, or you can try to get LDAP authentication working with Active directory?

We have a working solution for LDAP authentication for version 3.0 and 3.1, just search for LDAP on the forums.
L
 		larsonsc author 4/17/2007

I'm thinking I will be best served with setting up a new table to handle the user authentication as we do not have any solution for LDAP available.
T
 		thesofa 4/17/2007

Is it a totally non-windows network?

any windows server 2000 or newer network running Active Directory has the ability to use LDAP as an authentication protocol.
L
 		larsonsc author 4/17/2007

It is a single Linux based web server that I do not have root access to.
T
 		thesofa 4/17/2007

In that case I suggest you use the option to have a seperate table of users, if you search for MD5 in this forum, you will find posts about how to hash the passwords too..

It boils down to setting up your table of users, then chosing the option in the security page or sub page, to authenticate against another table.
L
 		larsonsc author 4/17/2007

OK, thanks thesofa I'll look around and see what I can track down.