Live Forms v6.2 is no longer supported. Click here for information about upgrading to our latest GA Release.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

has a plugable security mechanism and offers a variety of Security Managers. If you use the  built-in security manager, a tenant admin can create users and roles directly in your tenants. See the Manage Users and the Manage Roles for instructions on creating users and roles.

also supports the LDAP/Active Directory Security Manager that pulls users and groups from your external Active Directory or Open LDAP system; a Delegating Security Manager such as used by Confluence; and custom security managers. Refer to your security manager documentation for instructions for creating users and roles. Note that with LDAP Security Manager and Delegating Security Manager, groups are the equivalent of roles.

On this page: 

Creating Roles

With  built-in security manager, a tenant admin can create and manage roles directly in a tenant; roles are commonly used in work flows and for digital signatures. See the Manage Roles topic for instructions on creating and managing roles.

With the LDAP Security Manager or Delegating Security Manager, groups are the equivalent of the roles created in tenants that use the built-in security manager. Please refer to the documentation for those security managers for information about creating users and groups (roles).

Creating Users

With ' built-in security manager, a tenant admin can create and manage users directly in a ' tenant. See the Manage Users topic for instructions on creating and managing users.

With the LDAP Security Manager or Delegating Security Manager, users and groups (which are equivalent to  roles) are defined outside of .

Using Roles & Users

Security Manager Configuration

 has a built-in security manager that allows you to create users and roles directly in your  tenant. Refer to this documentation for more information.

Passwords

 uses a more secure salted hash strategy for storing hashed user passwords. Salting a hash of passwords makes the password storage better protected from dictionary and brute force attacks.

 uses a random salt value for each user's password and the salt changes whenever the password changes. In order for proper operation, older unsalted (i.e. bland) passwords are still supported. Passwords for new users and password changes for existing users will result in the creation of salted password hashes. The old passwords in the database (users table) are 28 characters in the hashed form. 

Salted passwords are used in both the in-house and hosted versions of .  Here are some features where a salted password is used:  

  • creating a new user
  • creating a tenant 
  • copying a tenant  - (admin gets new style password)
  • changing a user's password 
  • user changing their own password
  • password reset

New passwords are salted SHA-256 hashes. The SHA-2 family of algorithms for password hashing is more secure in the area of vulnerabilities. The total salt + hash size of these new format hashed passwords is 76 chars.  

Access Control for Users/Roles

Access control allows more flexibility when the designer is assigning access to execute forms and flows, view/edit form/flow submissions and view the audit trail of an active flow.  Access can be granted to  users and/or roles in these three areas. Refer to this Access Control and Shared Items for the details.

  • No labels