User management

User management

User management in VisionR is role based. There are several authentication mechanisms (login form, automatic Active Directory authentication, URL login), which can be combined in the same installation.
Description

VisionR implements a role based user management. It supports multiple user authentication mechanisms. Authentication modes can be combined and simultaneously used in a single server installation. Access permissions on data row level enable complex yet easy to handle access definitions. Access rights for the users are set by their user group. Roles are organised in an editable hierarchical tree structure. User groups can inherit access permission from another user groups. This approach saves time, when creating new user permissions and new roles.

Authentication

The following authentication mechanisms are part of the standard VisionR Installation:

  • Login in a web form
  • Account approval by an Active Directory Server (NTLM authentication mechanism with KERBEROS)
  • Login over URL

These login mechanisms can be used simultaneously. Additional authentication mechanisms can be added as a custom plug-in solution in more complex networks.

Access levels

Access to VisionR objects is implemented on many levels:

  • Mask access (similar to "page" access in a web application)
  • Object definition access (similar to "table" access in a relational database)
  • Property access (similar to "column" access in a relational database)
  • Object access (access permissions for single data rows)

Combining permissions on the different access levels allows very complex access definitions.

Permissions

Access permissions in VisionR are used to define detailed object access for user roles.
Following permissions are available:

  • Read permission
  • Insert permission
  • Update permission
  • Delete permission
  • Archive permission
  • Execute permission
  • Copy permission
Predefined roles

The standard installation of VisionR offers a predefined set of user roles and permissions for the different modules. Predefined roles allow fast module deployment. Simple assignment of predefined roles to the registered user accounts is sufficient to start using the application.