Skip to main content

Application access tree

Description

Soffid allows youadministrator users to create new entry points to the information systems. ThisThese entry points can be URLs or applications that vancan give access to an information system.systems that have been registered in Soffid. These entry points are managed in a tree structure that allows to create new menus and new application access.

Each application entry point can have a single sign-on rules. Those roles are fully explained at SSO reference guide &&TODO&& Esta en confluence, ¿hay que mantener?

CONFLUENCE: ????After logging on a managed workstation, the system will apply such restrictions and will update the Windows or Linux start menu.

Each application entry point will have different execution methods for full managed workstation, loosely managed workstation, or external devices. Each of them can be a web browser URL or a javascript piece.

Screen overview

&&TODO&&

  1. NetworkInformation system
  2. User
  3. Group
  4. Role
  5. Account

Standard attributes

Basics

  • Menu: (yes|no) when menu is Yes, this application will be like a folder to contain and organize other applications.
  • Name: application identifier name.
  • Code: application code.
  • Information System: asset or application, from a functional point of view, on which the permissions are granted or revoked. Soffid will connect to this information system to validate credentials and permissions. ¿Es esto así?
  • System: information storage system from a technical point of view (active directory, database, CSV, ...).
  • Public access: when it is Yes, this application will be displayed as public at the self-service portal of all users.
  • Visible without permissions: when it Yes, this application will be displayed at the self-service portal, but only users with permissions will be allowed to connect.
  • Icon: application identification icon.

Authorizations

Allows to grant access level permissions to users, groups, roles or accounts. The access levels options available &&TODO&&Manage and Execute ¿

 

 

Executions

Allows Adminsitrator users to configure the entry point access. It is only available to entry points with option Menu does not selected

There are tree options to configure the executions. Administrator users can configure one or more:

  • Running from Intranet
  • Enabled:
  • Type:
  • Content:

Thisthis entry applies to hosts located in a network flagged as internal.

  • Running from Extranet
    • Enabled:
    • Type:
    • Content:

    Thisthis entry applies to hosts located in a network NOT flagged as internal.

  • Running on the Internet
    • Enabled:
    • Type:
    • Content:

    Thisthis entry applies to hosts located in a unknown network.

    For each one execution option it is possible to configure the following parameters: 

    • Enabled: if the option is available to configure.
    • Type: access connection type.
    • Content: ¿que permite cada opcion? &&TODO&&
        • text/html
        • x-application/x-mazinger-script
        • Recorded session
        • Web Single Sign On

      ESSO

      &&TODO&&

      Actions

      Application query

       

      Application detail