Novulo User Management

This post describes the basics for User management and security monitoring.

The core component for the user management is M3290. It contains the Users overview and the User account details page from where one can manage user data.

To track mutations of users, we recommend to also include M10661, which tracks changes to rights profile or username.

The core User Management component produces the N_ApplicationLoginAccount concept. M3290 is often used with M3019 to connect an account to a contact > check Datamodel: Connections, Persons, Organizations and Contacts.

The User account details page > “Account” form

  • Email address (not allowed to be empty and must be unique);
  • Password (not allowed to be empty; can be editable or not);
  • Right profile (not allowed to be empty) > check Right profiles;
  • Active checkbox;

“History” form

It contains created at/modified at date/time properties.

The “Show instructions” button

It loads documentation how to fill in a form > check the post how to create an instruction for a page.

Novulo Security Monitoring

The component M9074 also consumes the N_ApplicationLoginAccount concept and adds the grid “Authentication attempts” to the User Account details page. N_AuthenticationAttempts concept is produced from M9074.

The “Authentication attempt” form:

  • When;
  • Identity;
  • User (= N_ApplicationLoginAccount);
  • Initiator;
  • Result (Succeeded, In progress, Failed, Logged);
  • Reason (if the result = failed);
  • Remarks.

The Network information is also saved (IP address, user agent string).

The Novulo Network utils plugin

M9074 uses the plugin that provides utils functions related to Networking.

Starting revision 107369, this plugin has become the main plugin providing all IP related actions. A webconfig option needs to be filled in case there are proxies/load balancers between the User browser and the actual server where the application is hosted:

  • type = AppSettings,
  • action = add;
  • key = NovuloNetworkUtils.KnownProxyIPs,
  • value = comma separated string with trusted IP address(es).