Security Configuration
The security configuration is managed in several resources.
The configuration for security resides in the model for each of these resources:
app-flow.json
, name-flow.json
, name-page.json
.
If requiresAuthentication is false, specifying roles or permissions results in an
error. By default an artifact inherits the requiresAuthentication property from its
parent. If this is not present in the application configuration, it defaults to true. This
means that if no security section is defined in any of the artifacts, the application will
require authentication when starting.
The configuration follows the format seen in this example:
"security": {
"access": {
"requiresAuthentication": true/false,
"roles": ["role1", "role2"],
"permissions": ["perm1", "perm2"]
}
}
When an anonymous user navigates to an artifact (page, flow or application) and the artifact is secure, the user is prompted to login, and is then redirected to the artifact. This functionality is provided by the default implementation of the Security Provider.