Connecting a Mashup to a role or user in 10.0.5

In Smart Office 10.0.5 we introduced support for connecting Mashups to roles. This is something that we should have implemented from day one but there are a few reasons why we haven’t. First of all Smart Office is a platform for different applications, we did not want to create yet another custom tool where you manage and create LSO roles. M3 have their roles, S3 has there roles, roles are related to Security and there is another team who handles Security. We were pushing for a common solution for Lawson. The Smart Office server has moved to the Grid (9.1.3).

Authentication is handled by the Session Provider in the grid and in the grid it is possible to connect users to roles. The session provider can be connected to for example IFS, Infor Federated Services, were you set up claims and claim rules. When a user is authenticated by ADFS, the roles set up for that user in IFS will be passed along as a claim (called http://schemas.infor.com/claims/SecurityRole) on the response sent back from ADFS to the SAML Session Provider. These roles will be mapped according to the role mappings set up in the Grid, and assigned to the Grid Principal representing the authenticated user.

For the first take of the SAML Session Provider, roles are not really in scope – there is no tooling available for creating roles in the Grid and IFS based on the roles required for a specific Grid application. But we are on our way.

For Mashups it will be possible to manage a deployed entity. The deployed entity is a *.mashup file.

When you package your Mashup in the Mashup Designer you create a *.lawsonapp file which in turn contains the *.mashup file. One *.lawsonapp can contain a number of Mashup files. The *.mashup file represents the Mashup project and it can contain a number of different Mashups. If you want to merge multiple mashup projects in one *.lawsonapplication file then you can use a tool called the Application Builder. It is a stand alone tool for merging *.lawsonapplication files. If you have a project were you create Mashups as well as REST Grid application then you will use the Application Builder to create a *.lawsonapplication file that contains both the Mashup and the Grid application.

Mashup File Administration Tool

In the Mashup File Administration Tool it is possible to administer and set access right on a deployed *mashup file. This is the artifact from a mashup project and can contain multiple mashups. In this section we refere to the deployed entity as a Mashup file or Mashup project but it is in both cases the the * .mashup file.

A mashup is deployed as an entity together with the other mashups in a Mashup project. It is only possible to connect roles and users to a mashup on a mashup project level. This means that all mashups contained within the project will be available to the connected users and roles. It is not possible to connect access to individual Mashups within a project. If you need to have different access level on mashups make sure you create a new project for each Mahup.

The Grid Session provider is responsible for providing user information such as Display Name. For the best user experience it is important that the Grid Session provider is configured for LDAP lookup.

Tool Overview

The first list contains a view of all Mahups files deployed on the server. It has the following columns:

Name: The Name of the Mashup file, which is the Mashup project name
Last Modified: The last time this file was deployed using LCM.
Changed by: The user id of the person who last updated the mashup file via LCM.
Access: There are three access levels:
• None – No one has access to the mashups in the mashup file.
• Public – The mashups in the mashup file is available to everyone. This is the default access level.
• Role – The mashups in the mashup file is available to connected roles and users
Connected Roles and User: The users and roles that have access to a mashup project.

Note! It is only possible to connect users and roles if the access is set to Role. If you change the access level to public or none connected roles and users will be cleared when the configuration is saved.

How to connect a user to a Mashup project
1. Select the Mashup file the user should be connected to.
2. Make sure the Mashup file has access lever set to role.
3. In the User Id write the id of the user. There is no find or browse functionality so you will need to know the user id of the user. Press enter or klick the button to connect the user to the Mashup file. Depending on your Session Provider in the Grid and the configuration of the Session Provider you will see the Display name of the user in the list. Make sure that the Session provider is configured correctly against your LDAP for the best user experience. It is also possible to have a Session Provider that connects to multiple LDAPs.

It is also possible to do a multi select and then press the add button.

How to remove a user from a Mashup project
1.Select the Mashup file the user should be connected to.
2. In the connected list to the right locate the user and select it.
3. Press the remove button or double click the user to remove.
4.Press save to save (or Ctrl+S)

It is also possible to do a multi select and then press the remove button.

How to connect a role to a Mashup project
1. Select the Mashup file the user should be connected to.
2. Make sure the Mashup file has access lever set to role.
3. Select one or many roles in the list that contains all the roles. Double click can be used to quickly a role.
4. Press save to save (or Ctrl+S)

How to remove a role from a Mashup project
1. Select the Mashup file the user should be connected to.
2. In the connected list to the right locate the user and select it.
3. Press the remove button or double click the user to remove.
4. Press save to save (or Ctrl+S)

Working with a Mashup file as a template
If you need to configure a set of Mahups files to be available to the same set of users and roles you can copy the configuration of one Mashup file and apply it to another.
1. Select the Mashup file you would like to copy the configuration from.
2. Use Ctrl+C or the Copy command found on the context menu on the list of files.
3. Select the Mashup file you would like to copy the configuration to.
4. Use Ctrl+C or the Paste command found on the context menu on the list of files.
5. Press save to save (or Ctrl+S)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s