9.1 Application access control: Initial preparation
In the previous sub-section (8.2) the admin page was tested and accessed as an anonymous-type user. This is obviously not secure, and access should be limited to admin-type users only. To facilitate implementing and testing application access control for anonymous and admin-type users, the application must first provide a facility that lets the developer easily switch between these two types of users. By convention, the framework ends the current active session each time the link node named "Logout" is selected. After the session has ended, it displays the application's main login page again.
For the mygb application, adding a "Logout" link node under the "Home" node is enough to provide this facility. Go back to the framework's ADT (Application Development Tool) page and add the "Logout" node under the "Home" node. Below is the list of child nodes that should be available under the "Home" node after the new "Logout" child node is added.
Within the framework, application access control can be applied at 3 (three) different levels: link, component, and database item. For access control at the component level, developers have to manually register the components so that the framework knows which components are available for access restrictions to be applied to. To do this, inside the ADT page, click the "Dynamic Module Management" main link followed by the "Scan/Refresh Modules" sub-link. All available components that are not yet registered in the framework's component table will be displayed as below.
Scroll down the browser window until the "Add Module" button appears. Notice that besides the new auto-generated modules, all the other standard existing framework component-type modules are also listed.
Click the "Add Module" button to register all listed modules in the framework's component table for the mygb application. Note that this procedure must be repeated each time modules are added to or removed from the application so that the component table is always up to date. After the button is clicked, the page will display a message that no new modules have been found, as shown below.
While still on the ADT page of the mygb application, click the "Exit" main link. The ADT should now move to its main page as shown below.
On the ADT's main page, in the "Task" column, click the "Run" link for "appAdmin" to open the framework's other web-based support tool, the AAT (Application Administration Tool). Read the framework installation documentation at section 4 (Web-based Support Tools Activation) in full to understand how the ADT and AAT are related and depend on each other to support web-based application development activities using the framework. Below is the AAT's login page (opened in a new tab) when the "Run" link for "appAdmin" on the ADT main page is clicked.
On the AAT's login page, enter the login and password for an admin-type user. If the login succeeds, the main page of the AAT will be displayed as below.
On the AAT's main page, click the "mygb" application link in the "Select Application" column. As shown below, the AAT should then display another page containing the main links that represent the functions available to administer/manage the currently selected web application (mygb). Click the "Exit" main link to go back to the AAT's main page to select another application to manage.
It's important to notice that at this stage 3 (three) different browser windows/tabs have been opened: the ADT, the AAT, and the mygb application itself. Together they provide a web-based working environment in which developers can develop, manage, and test the application being developed. In the previous sections, the ADT has been used extensively to support the development process of the mygb application. In the next sub-sections (9.2 and 9.3) the AAT will become the main web-based tool, since the tasks involved are more oriented towards mygb application administration, particularly providing application resource access control at the component and link levels.
Copyright © 2012 - 2017, Mohd Razak Samingan, Faculty of Computing, Universiti Teknologi Malaysia.