hello,
I understood that Tamino ACLs can restrict access to documents elements or functions. It’s a structure based control in fact.
I would like to know if there is a way to get an instance based access control within Tamino. I thought writing some server extension that would do a content based check but found it’s not possible to switch the security context before calling XML callbacks.
I hope my request is clear enough. Any idea to achieve my goal is welcome.
regards,
Jerome
Hi Jerome,
Tamino supports access control on node and not on instance level. For write, update and delete maybe it would be possible to write a trigger based server extension supporting access control on content level.
The Tamino Webdav Server supports access control on instance level.
Hope it helps.
regards Eckehard
Thanks Eckehard,
I wrote a such extension but I found that there is another security access check during the XML callback functions call. It’s not possible to change the security context whithin the extension in fact. (or didn’t found how to)
So extensions can’t be grant data access.
Hi Jerome,
that’s true. The server extension is restricted by the security, defined in the ino:security collection of your database.
regards Eckehard
Do you see any workaround ?
regards
Hi Jerome,
no (as far as I know), sorry. That’s the way like it is designed.
regards Eckehard