SlideShare une entreprise Scribd logo

Lawson Security

Télécharger en tant que PPTX, PDF
Nogalis Inc
Nogalis Inc

This document provides an overview of Lawson security, including the components, tools, and simple tasks for getting started with Lawson security. It discusses the user, role, and security class hierarchy and how to secure different object types. It also demonstrates how to perform basic security administration tasks like adding a role to a user, granting access to an online screen, and granting access to a data source. The document stresses the importance of planning security implementation methodology and roles/classes beforehand and troubleshooting techniques if issues arise.

Logiciels
1  sur  28
Lawson Security The basics to get you started
Are you on Lawson Security? 48% 42% 10% Poll Lawson Sec LAUA No
What is covered • Overview of security past and present • Introduction to components and terminology • Introduction to the tools and menus • A few simple tasks that you’re likely to perform • Implementation methodology • Troubleshooting
HRGENCLASS PA52 PA100 HR07 HR04 HR01 HR00 HR09 HR10 HR11 PR12 PR13 PR51 PR52 PR67 PR68 HR12 User Security Class Secured Objects LAUA Security
User Security Roles DATAACCESS Security Classes PRADROLE HRGENROLE HRSETUPCLASS PAACTCLASS HR07HR04HR01HR00 PRACCESSCLASS PR12 PR13 PR51 PR52 PR67 PA52 PR68 PA100 HREMPCLASS HR09HR10 HR11 HR12 LSF Security ….
The Hierarchy (in one profile) •User has many oRoles have many •Security Classes have many oRules
What can you secure? • Online: Online Screens (e.g. HR11, PR13, GL00, PO20…) • Batch: Batch programs (e.g. PA100, HR211, PR198, GL190…) • Files: Database Tables • Elements … Not in this presentation • Element Groups… Not in this presentation • Data Source: The Productline • Securable Type o Form o Program o Table
Rule? • Grant All Access • Deny Any Access • Unconditional Access to Action • Conditional Rule Access
The Tools • RM Administrator o Add/Edit Groups o Add/Edit Roles • Security Administrator o Manage Security Profiles o Add/Edit Security classes o Add/Edit Security rules o Assign classes to roles o Manage user profiles o Run security reports o Manage security settings
How to log in • For either the Security Administrator or RM Administrator o Server: Same sever as your Portal URL (you don’t need to type in the “Http://” o User: Has to be a security administrator (there are other user types but for now …) o Password: Same password as used on Portal
Menus • Add/Edit Users • Add Roles to users • Manage identities • Add users to groups • Add/Edit security Classes • Assign a Class to A Role • Create an run reports
Simple Task 1: Add a role to a user • Log into the Security Administrator • Select “User Management” section on left side bar • Click on “User Maintenance”. Opens new window. • Search for the user name by last name. o HINT: You can use wildcards. e.g. Rez* will bring back Rezaei • Right-click the row and select “Edit RM Information” • With the “Role” row highlighted, click on the button to the right • “Skip to End”; “Back”; Check “Description”; Next • Select Desired role and click the > button • Click Finish • Close the “Change RM Object” window • Acknowledge saving the record • Viola
User Search/Edit Right Click
RM Record Should be set to Yes
Assigning Roles
Assigning Roles
Assigning Roles
Simple Task 2: Grant Access to online Screen • Log into the Security Administrator • Double Click the Profile ID your classes reside in (PRD) • Double Click the Security Class to add access to • Click the “Add Rule” button • Select the securable type. Example: “Online” • Expand the system code your securable object is under. Example “IF” • Check the object you want to grant access to. Example: CU01 o Select “Grant All Access” on the right and click Apply o Expand the screen name and select the token you want to grant access to. Example CU01.1 • Select “Grant All Access” on the right and click “Apply” • Viola: As long as you have access to the system code (Example “IF”) and the DataSource (Example “PROD”).
Granting Access to CU01.1
Did you catch that? • To grant access to a securable object like a screen, a batch job, or a database table, you need to grant access to the productline and the system code it resides in. • In order to grant access to a specific screen token (like HR11.1). You also need to grant access to the screen (HR11). The fields and tabs in the token are automatically granted unless you deny them specifically.
Simple Task 3: Grant Access Prod • Log into the Security Administrator • Double Click the Profile ID your classes reside in (PRD) • Click “Add” (to add a new Security Class) • Name your security class (e.g. “ProdAccess”), add a description and click ADD • Click “Refresh” scroll double click your new class. • Add Rule • Select “Data Sources” from securable type • Select “Prod”; on the right select “Grant All Access” • Click Apply • Viola
Drop downs and Drills • Must grant access to the tables the select or drill draws data from. • Table information can be found in the <system code>.or and <System Code>.sr files in $LAWDIR/Productline/??src
Couple of other things • LSF Security is grant based. If in any of assigned classes access is granted then the user has access. EVEN IF it’s explicitly denied in another one of the user’s classes. • You can write conditional rules based on lots of things. Here are some examples: o Data Elements: Company, Process_level, Department, Job_Code o Screen Fields o User Profile information o Date/Time o Structures o Elements / Element Groups o Identities
Implementation •50% Planning •30% Development •20% Testing
Methodology • Come up with a good naming convention for roles and classes before you do anything else. These should make sense at a glance and be easy to classify and sorting them should also group them. • Start with Roles in the company • Determine Tasks each role needs to perform (These will be your security classes) • Determine what each task is composed of (These will be your rules) • Assign classes to roles • Assign roles to users • Do one user group at a time, not all at once
Troubleshooting • If all else fails in your troubleshooting make sure to: o Perform an IOSCacheRefresh o Clear all your browsing history and restart the browser o Remove all other roles but the one you’re testing from the user o Run a security report o Check security log files in $LAWDIR/system/ o Clear Security Cache under the Server Management section of the security administrator o Reduce the “CACHING_INTERVAL” under the server settings in the Server Management section of the security administrator o Try it in LID o Take a break
Next Webinar July25 www.nogalis.com/education.html Microsoft Add-ins Simple queries and data loads.
@nogalisinc

Recommandé

Lawson for Total Beginners
Lawson for Total BeginnersLawson for Total Beginners
Lawson for Total Beginners
Nogalis Inc
 
Data-Ed Webinar: Data Quality Success Stories
Data-Ed Webinar: Data Quality Success StoriesData-Ed Webinar: Data Quality Success Stories
Data-Ed Webinar: Data Quality Success Stories
DATAVERSITY
 
politicas de seguridad informatica normas
politicas de seguridad informatica normaspoliticas de seguridad informatica normas
politicas de seguridad informatica normas
galactico_87
 
Oracle Database Vault
Oracle Database VaultOracle Database Vault
Oracle Database Vault
Marco Alamanni
 
Ejemplo de manual sistema de inventario de operaciones estadisticas
Ejemplo de manual sistema de inventario de operaciones estadisticasEjemplo de manual sistema de inventario de operaciones estadisticas
Ejemplo de manual sistema de inventario de operaciones estadisticas
sullinsan
 
RESUMEN DEL MODELO BIG 6.pdf
RESUMEN DEL MODELO BIG 6.pdfRESUMEN DEL MODELO BIG 6.pdf
RESUMEN DEL MODELO BIG 6.pdf
GloriaMelndez2
 
Modern-Data-Warehouses-In-The-Cloud-Use-Cases-Slim-Baltagi
Modern-Data-Warehouses-In-The-Cloud-Use-Cases-Slim-BaltagiModern-Data-Warehouses-In-The-Cloud-Use-Cases-Slim-Baltagi
Modern-Data-Warehouses-In-The-Cloud-Use-Cases-Slim-Baltagi
Slim Baltagi
 
Tipos de datos en power designer
Tipos de datos en power designerTipos de datos en power designer
Tipos de datos en power designer
Andreita Bedoya
 

Recommandé

Lawson for Total Beginners
Lawson for Total BeginnersLawson for Total Beginners
Lawson for Total Beginners
Nogalis Inc
 
Data-Ed Webinar: Data Quality Success Stories
Data-Ed Webinar: Data Quality Success StoriesData-Ed Webinar: Data Quality Success Stories
Data-Ed Webinar: Data Quality Success Stories
DATAVERSITY
 
politicas de seguridad informatica normas
politicas de seguridad informatica normaspoliticas de seguridad informatica normas
politicas de seguridad informatica normas
galactico_87
 
Oracle Database Vault
Oracle Database VaultOracle Database Vault
Oracle Database Vault
Marco Alamanni
 
Ejemplo de manual sistema de inventario de operaciones estadisticas
Ejemplo de manual sistema de inventario de operaciones estadisticasEjemplo de manual sistema de inventario de operaciones estadisticas
Ejemplo de manual sistema de inventario de operaciones estadisticas
sullinsan
 
RESUMEN DEL MODELO BIG 6.pdf
RESUMEN DEL MODELO BIG 6.pdfRESUMEN DEL MODELO BIG 6.pdf
RESUMEN DEL MODELO BIG 6.pdf
GloriaMelndez2
 
Modern-Data-Warehouses-In-The-Cloud-Use-Cases-Slim-Baltagi
Modern-Data-Warehouses-In-The-Cloud-Use-Cases-Slim-BaltagiModern-Data-Warehouses-In-The-Cloud-Use-Cases-Slim-Baltagi
Modern-Data-Warehouses-In-The-Cloud-Use-Cases-Slim-Baltagi
Slim Baltagi
 
Tipos de datos en power designer
Tipos de datos en power designerTipos de datos en power designer
Tipos de datos en power designer
Andreita Bedoya
 
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDF
Michael Gough
 
Microsoft Dynamics CRM Certification Training
Microsoft Dynamics CRM Certification TrainingMicrosoft Dynamics CRM Certification Training
Microsoft Dynamics CRM Certification Training
David Blumentals
 
TUD CS4105 | 2015 | Lecture 1
TUD CS4105 | 2015 | Lecture 1TUD CS4105 | 2015 | Lecture 1
TUD CS4105 | 2015 | Lecture 1
Eelco Visser
 
For Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecFor Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSec
Lalit Kale
 
Practical Defense
Practical DefensePractical Defense
Practical Defense
Sean Whalen
 
The Evolution of Development Testing
The Evolution of Development TestingThe Evolution of Development Testing
The Evolution of Development Testing
Cathal King
 
Data Modeling for Security, Privacy and Data Protection
Data Modeling for Security, Privacy and Data ProtectionData Modeling for Security, Privacy and Data Protection
Data Modeling for Security, Privacy and Data Protection
Karen Lopez
 
Career In Information security
Career In Information securityCareer In Information security
Career In Information security
Anant Shrivastava
 
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
gealehegn
 
Threat Modeling to Reduce Software Security Risk
Threat Modeling to Reduce Software Security RiskThreat Modeling to Reduce Software Security Risk
Threat Modeling to Reduce Software Security Risk
Security Innovation
 
[Warsaw 26.06.2018] SDL Threat Modeling principles
[Warsaw 26.06.2018] SDL Threat Modeling principles[Warsaw 26.06.2018] SDL Threat Modeling principles
[Warsaw 26.06.2018] SDL Threat Modeling principles
OWASP
 
Secure Coding: Field-level Security, CRUD, and Sharing
Secure Coding: Field-level Security, CRUD, and SharingSecure Coding: Field-level Security, CRUD, and Sharing
Secure Coding: Field-level Security, CRUD, and Sharing
Salesforce Developers
 
Test cases and bug report v3.2
Test cases and bug report v3.2Test cases and bug report v3.2
Test cases and bug report v3.2
Andrey Oleynik
 
Advanced Apex Security Expert Tips and Best Practices (1).pptx
Advanced Apex Security Expert Tips and Best Practices (1).pptxAdvanced Apex Security Expert Tips and Best Practices (1).pptx
Advanced Apex Security Expert Tips and Best Practices (1).pptx
mohayyudin7826
 
Module 6.pptx
Module 6.pptxModule 6.pptx
Module 6.pptx
ssuser66c4d5
 
System Security Beyond the Libraries
System Security Beyond the LibrariesSystem Security Beyond the Libraries
System Security Beyond the Libraries
Eoin Woods
 
Access Control Fundamentals
Access Control FundamentalsAccess Control Fundamentals
Access Control Fundamentals
Setiya Nugroho
 
AppSec in an Agile World
AppSec in an Agile WorldAppSec in an Agile World
AppSec in an Agile World
David Lindner
 
Assignment Grading Rubric Course IT286 Unit 4 Po.docx
Assignment Grading Rubric Course IT286 Unit 4 Po.docxAssignment Grading Rubric Course IT286 Unit 4 Po.docx
Assignment Grading Rubric Course IT286 Unit 4 Po.docx
ssuser562afc1
 
Working Effectively with PeopleSoft Support
Working Effectively with PeopleSoft SupportWorking Effectively with PeopleSoft Support
Working Effectively with PeopleSoft Support
Smart ERP Solutions, Inc.
 
Troubleshooting Lawson Security
Troubleshooting Lawson SecurityTroubleshooting Lawson Security
Troubleshooting Lawson Security
Nogalis Inc
 
Upgrade to IPA Made Easy
Upgrade to IPA Made EasyUpgrade to IPA Made Easy
Upgrade to IPA Made Easy
Nogalis Inc
 

Contenu connexe

Similaire à Lawson Security

Microsoft Dynamics CRM Certification Training
Microsoft Dynamics CRM Certification TrainingMicrosoft Dynamics CRM Certification Training
Microsoft Dynamics CRM Certification Training
David Blumentals
 
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
gealehegn
 
AppSec in an Agile World
AppSec in an Agile WorldAppSec in an Agile World
AppSec in an Agile World
David Lindner
 
Assignment Grading Rubric Course IT286 Unit 4 Po.docx
Assignment Grading Rubric Course IT286 Unit 4 Po.docxAssignment Grading Rubric Course IT286 Unit 4 Po.docx
Assignment Grading Rubric Course IT286 Unit 4 Po.docx
ssuser562afc1
 

Similaire à Lawson Security (20)

All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDF
 
Microsoft Dynamics CRM Certification Training
Microsoft Dynamics CRM Certification TrainingMicrosoft Dynamics CRM Certification Training
Microsoft Dynamics CRM Certification Training
 
TUD CS4105 | 2015 | Lecture 1
TUD CS4105 | 2015 | Lecture 1TUD CS4105 | 2015 | Lecture 1
TUD CS4105 | 2015 | Lecture 1
 
For Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecFor Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSec
 
Practical Defense
Practical DefensePractical Defense
Practical Defense
 
The Evolution of Development Testing
The Evolution of Development TestingThe Evolution of Development Testing
The Evolution of Development Testing
 
Data Modeling for Security, Privacy and Data Protection
Data Modeling for Security, Privacy and Data ProtectionData Modeling for Security, Privacy and Data Protection
Data Modeling for Security, Privacy and Data Protection
 
Career In Information security
Career In Information securityCareer In Information security
Career In Information security
 
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
4_25655_SE731_2020_1__2_1_Lecture 1 - Course Outline and Secure SDLC.ppt
 
Threat Modeling to Reduce Software Security Risk
Threat Modeling to Reduce Software Security RiskThreat Modeling to Reduce Software Security Risk
Threat Modeling to Reduce Software Security Risk
 
[Warsaw 26.06.2018] SDL Threat Modeling principles
[Warsaw 26.06.2018] SDL Threat Modeling principles[Warsaw 26.06.2018] SDL Threat Modeling principles
[Warsaw 26.06.2018] SDL Threat Modeling principles
 
Secure Coding: Field-level Security, CRUD, and Sharing
Secure Coding: Field-level Security, CRUD, and SharingSecure Coding: Field-level Security, CRUD, and Sharing
Secure Coding: Field-level Security, CRUD, and Sharing
 
Test cases and bug report v3.2
Test cases and bug report v3.2Test cases and bug report v3.2
Test cases and bug report v3.2
 
Advanced Apex Security Expert Tips and Best Practices (1).pptx
Advanced Apex Security Expert Tips and Best Practices (1).pptxAdvanced Apex Security Expert Tips and Best Practices (1).pptx
Advanced Apex Security Expert Tips and Best Practices (1).pptx
 
Module 6.pptx
Module 6.pptxModule 6.pptx
Module 6.pptx
 
System Security Beyond the Libraries
System Security Beyond the LibrariesSystem Security Beyond the Libraries
System Security Beyond the Libraries
 
Access Control Fundamentals
Access Control FundamentalsAccess Control Fundamentals
Access Control Fundamentals
 
AppSec in an Agile World
AppSec in an Agile WorldAppSec in an Agile World
AppSec in an Agile World
 
Assignment Grading Rubric Course IT286 Unit 4 Po.docx
Assignment Grading Rubric Course IT286 Unit 4 Po.docxAssignment Grading Rubric Course IT286 Unit 4 Po.docx
Assignment Grading Rubric Course IT286 Unit 4 Po.docx
 
Working Effectively with PeopleSoft Support
Working Effectively with PeopleSoft SupportWorking Effectively with PeopleSoft Support
Working Effectively with PeopleSoft Support
 

Plus de Nogalis Inc

Plus de Nogalis Inc (9)

Troubleshooting Lawson Security
Troubleshooting Lawson SecurityTroubleshooting Lawson Security
Troubleshooting Lawson Security
 
Upgrade to IPA Made Easy
Upgrade to IPA Made EasyUpgrade to IPA Made Easy
Upgrade to IPA Made Easy
 
LBI For Dummies
LBI For DummiesLBI For Dummies
LBI For Dummies
 
ProcessFlow/IPA Differences
ProcessFlow/IPA DifferencesProcessFlow/IPA Differences
ProcessFlow/IPA Differences
 
Data Access Basics and Introduction to SQL
Data Access Basics and Introduction to SQLData Access Basics and Introduction to SQL
Data Access Basics and Introduction to SQL
 
Attaching Files to S3 Applications
Attaching Files to S3 ApplicationsAttaching Files to S3 Applications
Attaching Files to S3 Applications
 
Lawson Microsoft Addins
Lawson Microsoft AddinsLawson Microsoft Addins
Lawson Microsoft Addins
 
Implementing Requisition Approval
Implementing Requisition ApprovalImplementing Requisition Approval
Implementing Requisition Approval
 
Lawson ProcessFlow
Lawson ProcessFlowLawson ProcessFlow
Lawson ProcessFlow
 

Dernier

Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
chiefasafspells
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
masabamasaba
 

Dernier (20)

WSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AIWSO2CON 2024 Slides - Unlocking Value with AI
WSO2CON 2024 Slides - Unlocking Value with AI
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learn
 
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...
WSO2CON 2024 - API Management Usage at La Poste and Its Impact on Business an...
 
tonesoftg
tonesoftgtonesoftg
tonesoftg
 
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
 
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
 
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open SourceWSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
WSO2CON 2024 - Freedom First—Unleashing Developer Potential with Open Source
 
WSO2Con2024 - Hello Choreo Presentation - Kanchana
WSO2Con2024 - Hello Choreo Presentation - KanchanaWSO2Con2024 - Hello Choreo Presentation - Kanchana
WSO2Con2024 - Hello Choreo Presentation - Kanchana
 
%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
 
%in Benoni+277-882-255-28 abortion pills for sale in Benoni
%in Benoni+277-882-255-28 abortion pills for sale in Benoni%in Benoni+277-882-255-28 abortion pills for sale in Benoni
%in Benoni+277-882-255-28 abortion pills for sale in Benoni
 
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
 
BUS PASS MANGEMENT SYSTEM USING PHP.pptx
BUS PASS MANGEMENT SYSTEM USING PHP.pptxBUS PASS MANGEMENT SYSTEM USING PHP.pptx
BUS PASS MANGEMENT SYSTEM USING PHP.pptx
 
Artyushina_Guest lecture_YorkU CS May 2024.pptx
Artyushina_Guest lecture_YorkU CS May 2024.pptxArtyushina_Guest lecture_YorkU CS May 2024.pptx
Artyushina_Guest lecture_YorkU CS May 2024.pptx
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
 
WSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaSWSO2CON 2024 Slides - Open Source to SaaS
WSO2CON 2024 Slides - Open Source to SaaS
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
WSO2Con2024 - From Blueprint to Brilliance: WSO2's Guide to API-First Enginee...
WSO2Con2024 - From Blueprint to Brilliance: WSO2's Guide to API-First Enginee...WSO2Con2024 - From Blueprint to Brilliance: WSO2's Guide to API-First Enginee...
WSO2Con2024 - From Blueprint to Brilliance: WSO2's Guide to API-First Enginee...
 
Announcing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareAnnouncing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK Software
 

Lawson Security

  • 1. Lawson Security The basics to get you started
  • 2. Are you on Lawson Security? 48% 42% 10% Poll Lawson Sec LAUA No
  • 3. What is covered • Overview of security past and present • Introduction to components and terminology • Introduction to the tools and menus • A few simple tasks that you’re likely to perform • Implementation methodology • Troubleshooting
  • 5. User Security Roles DATAACCESS Security Classes PRADROLE HRGENROLE HRSETUPCLASS PAACTCLASS HR07HR04HR01HR00 PRACCESSCLASS PR12 PR13 PR51 PR52 PR67 PA52 PR68 PA100 HREMPCLASS HR09HR10 HR11 HR12 LSF Security ….
  • 6. The Hierarchy (in one profile) •User has many oRoles have many •Security Classes have many oRules
  • 7. What can you secure? • Online: Online Screens (e.g. HR11, PR13, GL00, PO20…) • Batch: Batch programs (e.g. PA100, HR211, PR198, GL190…) • Files: Database Tables • Elements … Not in this presentation • Element Groups… Not in this presentation • Data Source: The Productline • Securable Type o Form o Program o Table
  • 8. Rule? • Grant All Access • Deny Any Access • Unconditional Access to Action • Conditional Rule Access
  • 9. The Tools • RM Administrator o Add/Edit Groups o Add/Edit Roles • Security Administrator o Manage Security Profiles o Add/Edit Security classes o Add/Edit Security rules o Assign classes to roles o Manage user profiles o Run security reports o Manage security settings
  • 10. How to log in • For either the Security Administrator or RM Administrator o Server: Same sever as your Portal URL (you don’t need to type in the “Http://” o User: Has to be a security administrator (there are other user types but for now …) o Password: Same password as used on Portal
  • 11. Menus • Add/Edit Users • Add Roles to users • Manage identities • Add users to groups • Add/Edit security Classes • Assign a Class to A Role • Create an run reports
  • 12. Simple Task 1: Add a role to a user • Log into the Security Administrator • Select “User Management” section on left side bar • Click on “User Maintenance”. Opens new window. • Search for the user name by last name. o HINT: You can use wildcards. e.g. Rez* will bring back Rezaei • Right-click the row and select “Edit RM Information” • With the “Role” row highlighted, click on the button to the right • “Skip to End”; “Back”; Check “Description”; Next • Select Desired role and click the > button • Click Finish • Close the “Change RM Object” window • Acknowledge saving the record • Viola
  • 14. RM Record Should be set to Yes
  • 18. Simple Task 2: Grant Access to online Screen • Log into the Security Administrator • Double Click the Profile ID your classes reside in (PRD) • Double Click the Security Class to add access to • Click the “Add Rule” button • Select the securable type. Example: “Online” • Expand the system code your securable object is under. Example “IF” • Check the object you want to grant access to. Example: CU01 o Select “Grant All Access” on the right and click Apply o Expand the screen name and select the token you want to grant access to. Example CU01.1 • Select “Grant All Access” on the right and click “Apply” • Viola: As long as you have access to the system code (Example “IF”) and the DataSource (Example “PROD”).
  • 20. Did you catch that? • To grant access to a securable object like a screen, a batch job, or a database table, you need to grant access to the productline and the system code it resides in. • In order to grant access to a specific screen token (like HR11.1). You also need to grant access to the screen (HR11). The fields and tabs in the token are automatically granted unless you deny them specifically.
  • 21. Simple Task 3: Grant Access Prod • Log into the Security Administrator • Double Click the Profile ID your classes reside in (PRD) • Click “Add” (to add a new Security Class) • Name your security class (e.g. “ProdAccess”), add a description and click ADD • Click “Refresh” scroll double click your new class. • Add Rule • Select “Data Sources” from securable type • Select “Prod”; on the right select “Grant All Access” • Click Apply • Viola
  • 22. Drop downs and Drills • Must grant access to the tables the select or drill draws data from. • Table information can be found in the <system code>.or and <System Code>.sr files in $LAWDIR/Productline/??src
  • 23. Couple of other things • LSF Security is grant based. If in any of assigned classes access is granted then the user has access. EVEN IF it’s explicitly denied in another one of the user’s classes. • You can write conditional rules based on lots of things. Here are some examples: o Data Elements: Company, Process_level, Department, Job_Code o Screen Fields o User Profile information o Date/Time o Structures o Elements / Element Groups o Identities
  • 25. Methodology • Come up with a good naming convention for roles and classes before you do anything else. These should make sense at a glance and be easy to classify and sorting them should also group them. • Start with Roles in the company • Determine Tasks each role needs to perform (These will be your security classes) • Determine what each task is composed of (These will be your rules) • Assign classes to roles • Assign roles to users • Do one user group at a time, not all at once
  • 26. Troubleshooting • If all else fails in your troubleshooting make sure to: o Perform an IOSCacheRefresh o Clear all your browsing history and restart the browser o Remove all other roles but the one you’re testing from the user o Run a security report o Check security log files in $LAWDIR/system/ o Clear Security Cache under the Server Management section of the security administrator o Reduce the “CACHING_INTERVAL” under the server settings in the Server Management section of the security administrator o Try it in LID o Take a break

Notes de l'éditeur

  1. Skip this