Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...


Section


Column

frevvo has a plugable security mechanism and offers a variety of Security Managers. If you use the frevvo built-in security manager, a tenant admin can create users and roles directly in your tenants frevvo tenants. See the Manage Users and the Manage Roles for instructions on creating users and roles.

frevvo also supports two types of LDAP Security Managers that pull users and groups from your external Active Directory or Open LDAP system; a Delegating Security Manager when you are integrating frevvo with Confluence; a Database Security Manager that pulls users and groups from your external users database; a SAML Security manager that allows enterprises to take advantage of Internet Single sign On and custom security managers that lets you integrate with a security manager that you build yourself.


Column
width300px

On this page: 

Table of Contents


Creating Roles

With  builtWith frevvo built-in security manager, a tenant admin can create and manage roles directly in a tenant; roles are commonly used in workflows and for digital signatures. See the Manage Roles topic for instructions on creating and managing roles.

With the LDAP Security Manager or Delegating Security Manager, groups are the equivalent of the roles created in tenants that use the built-in security manager. Please refer to the documentation for those security managers for information about creating users and groups (roles).

Creating Users

With frevvo' builts built-in security manager, a tenant admin can create and manage users directly in a ' frevvo tenant. See the Manage Users topic for instructions on creating and managing users.

With the LDAP Security Manager or Delegating Security Manager, users and groups (which are equivalent to frevvo roles) are defined outside of frevvo.

Using Roles & Users

Security Manager Configuration

frevvo has a built-in security manager that allows you to create users and roles directly in your  tenantfrevvo tenant. Refer to this documentation for more information.

Passwords

frevvo uses a more secure salted hash strategy for storing hashed user passwords. Salting a hash of passwords makes the password storage better protected from dictionary and brute force attacks.

frevvo uses a random salt value for each user's password and the salt changes whenever the password changes. In order for proper operation, older unsalted (i.e. bland) passwords are still supported. Passwords for new users and password changes for existing users will result in the creation of salted password hashes. The old passwords in the database (users table) are 28 characters in the hashed form. 

Salted passwords are used in both the in-house and hosted versions of frevvo.  Here are some features where a salted password is used:  

...

Access control allows more flexibility when the designer is assigning access to execute forms and workflows, view/edit form/workflow submissions and view the audit trail of an active workflow.  Access can be granted to  users frevvo users and/or roles in these three areas. Refer to this Access Control and Shared Items for the details.