Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
icon5.gif   User Profile - Access to logbook group, posted by Tomas Rudolf on Fri May 2 00:34:26 2003 
    icon2.gif   Re: User Profile - Access to logbook group, posted by Stefan Ritt on Fri May 2 08:45:38 2003 
    icon5.gif   Re: User Profile - Access to logbook group, posted by Robert Keeney on Fri May 2 15:58:23 2003 
       icon5.gif   Re: User Profile - Access to logbook group, posted by Tomas Rudolf on Fri May 2 18:10:36 2003 
Message ID: 313     Entry time: Fri May 2 18:10:36 2003     In reply to: 312
Icon: Question  Author: Tomas Rudolf  Author Email: tomas@mba.be 
Category: Question  OS:   ELOG Version:  
Subject: Re: User Profile - Access to logbook group 
Robert, this is exactly what we managed to do as well. And it works fine. 
The only issue is that the users from one group can "SEE" the book names 
available to other groups. 

The solution Stephane suggested seems like the only possible right now.

Anyways, thank you for your answers, Robert & Stephane !

Tomas


> I have managed to get this to work (so far).
> 
> What I do is use a separate password file and directory for each log.
> 
> I haven't tested it with with the current version but it worked fine before
> that. My testing consisted of creating a user in the main password file and
> see if he could get to anything I didn't want him to. This may not be 
enough
> for something that requires a high level of security. 
> 
> When I create a new user I move that line to the appropriate password file 
if
> it isn't already there.
> 
> You will get an invalid user message and a prompt if you try access a log 
that
> doesn't have your user name in the password file. 
> 
> I only have six people using it so this isn't much trouble.
> 
> I would like to see groups implemented to make this more manageable.
> 
> > Hi,
> > 
> > I was wondering if anyone had a solution for my problem.
> > We are trying to run several books on one server. The books are grouped 
> > such as follows :
> > 
> > Group Users1 = Book1, Book2, Book3
> > Group Users2 = Book4, Book5, Book6
> > Group Users3 = Book7, Book8, Book9
> > 
> > We would like to give access to selected users to only their Group. So 
that 
> > for instance Users1 cannot access the books of group Users3. I was 
> > wondering if there is any notion of "User profile" or security per 
logbook 
> > Group implemented?
> > 
> > What we do for now is that we have 3 different PASSELOG files and for 
each 
> > Book we need to specify which PASSELOG should be used for 
authentication. 
> > This works fine except that we prefer that users do not see the other 
> > logbooks listed in the main menu nor the other "inaccessible" logbook 
tabs 
> > in the logbook view. Is there a way to hide these for them (but only for 
> > them)?
> > 
> > Tomas
ELOG V3.1.5-fe60aaf