Information

Created By	Knowledge Migration User

Approval Process Status	Published

Objective

Description

Magic xpi Security (Magic xpi 3.x)

Magic xpi provides a mechanism that allows user authentication. You do this by setting the project properties to require users to authenticate to a security system. The security is triggered when a user accesses a Magic xpi flow using Web Services or HTTP protocols. User credentials and rights are entered in new Magic xpi repositories. The information in these repositories is used to authenticate users and grant them access to specific flows.

Magic xpi supports different types of security mechanisms. You can set up your own internal system or use a security server that supports LDAP (Lightweight Directory Access Protocol) for authentication. If you are using an LDAP server you must define the administrator, user, and password (for an LDAP authentication and connection). The user name is saved in the Magic xpi Project file and is encrypted with RSA encryption.

Magic xpi contains a set of repositories to keep track of users, groups, and rights granted for authentication purposes. The following repositories are available when you select the relevant security options in the Project Properties dialog box:

Rights Repository: This repository maintains all project rights (name and code). Each flow can have a rights property that determines which users have the right to access the flow.

Users Repository: This repository is available when you are using your own internal security system. In this case users are given rights to access specific flows or other activities in your Magic xpi project.

Security Groups Repository: This repository is available when you are using an LDAP (Lightweight Directory Access Protocol) security system. In this case, user groups are created, which are given rights to access specific flows or other activities in your Magic xpi project.

Important Note:

When you use an LDAP server, a security administrator must enter the user groups and rights in the LDAP server. When a user signs on to the system, or triggers the flow, the user credentials and rights that are entered in the Magic xpi repositories are sent to the LDAP server. If the user credentials are found, the user is authenticated.

To use security with an Magic xpi integration project, select the security options that you want in the Project Properties dialog box. You can enter this information when you configure a new project or by clicking the Project menu and selecting Properties. For information on how to enter the security information, see Project Properties.

To add rights to a flow, you must select a right from the Rights repository to attach to the flow. You do this in the External tab of the Flow Properties dialog box.

The Magic xpi License Structure – Technical Note

Reference

Attachment

Attachment