Permission system - Users, Groups, Roles

From ActionApps Documentation
Revision as of 18:52, 9 August 2005 by Marek (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Protecting slice data against an unathorized read access

Protecting sensitive data against reading

With the concept of Reader management slices introduced it is important that some data are not accessible for reading. This is achieved by setting a reading password for slices containing sensitive data. If you fill the field "Reading Password" in Slice Settings, you must always sent this password as a parameter slice_pwd. This may be done by adding this parameter to SSI includes like

<!--#include virtual="/aa/slice.php3?slice_pwd=the_password&slice_id=xy...."-->

If somebody tries to fetch read-protected data without the correct password, all fields are filled with an error message.

If you are interested, the password is prooved in the GetItemContent() function. For AA control panel pages (Item Manager and Item Edit), the function FetchSliceReadingPassword() is used.


Retrieved from "http://documentation.actionapps.org/documentation/index.php?title=Permission_system_-_Users,_Groups,_Roles&oldid=1563"