Security issue in Webclient Vs. Fatclient

[Abir Mannan]

Hi,
we are having this issue. In the fatclient we secured the access for users to have access to PD or PY. it is working in fatclient. they cannot access in PD or PY. but it is not working in the webclient. they are able to get in in PD or PY environment.
we did not have this problem before. i just noticed that most probably it happened after we copied PY to PD and DV to sync all the process in the same way before go live.
does anyone know what might happened?
we are using E811.1.
thanks

 

[SKH]

Hi,

You need to restart the web 'instance(s)' on your Web Server(s) before Security changes will take effect. You could try clearing the Security cache using SAW but this doesn't always work in my experience.

Best Regards,

Sanjeev

 

[Abir Mannan]

thanks for the reply..
figured out the issue. it was having because of we put the environment access for PY only on the userId level. but put the PY and PD in the Role level.
now we are only going by Role. not by the user. and thats solve the problem.
Abir

 

[vharden]

Did refresh solve your issue? If not, it sounds like the same problem we've had in E1 8.10 and Tools 8.94. I'm not the security person in our organization, but I know we haven't found a way to restrict the environments in HTML.

 

[Terry Duffy]

Basically the way that you should be doing this is by ensuring that environments based upon the same pathcode are setup in Web on one port number each. (i.e. JPD811 on port 81, JPY811 on port 82, JDV811 on port 83, etc...).

This is what JDE recommend and also has the added benefit of you being able to refresh the serialised objects for an environment(s) (those based on the same pathcode / set of serialised objects) without affecting the others.

The jas.ini then only has one pathcode defined and the users will not be able to login to anywhere else.