Security permissions denied action

Description

Defines what should happen if an action is denied by security.

Discussion

The Security permissions denied action defines the action the security system will take when a request is made from this component and the request is denied because of security restrictions.

A security restriction can occur if a UX attempts to open another component that has login restrictions and no one is logged in, or the user has insufficient permission to see the component being requested. The security action will also be taken if the current component has login restrictions, the login has expired, and some request is made to the server, such as a request to refresh a control or do a server-side sort on a column in a list control.

The action applies to only Ajax requests made from the component. A UX component ('parent' component) can open other UX components ('child components'). If any of the child components have a login restriction, and this action is set to fire the client side events on any of the components, the recommended 'best practice' is to set the property to fire the client-side event on all of the child components and the parent component. This should be set even if the parent component is always allowed.

Option
Description
Redirect to login page

Default. The security will redirect to the login or insufficient permission page as set in the security settings.

Fire client-side security event

Cause the server to return either a 401 status code if the login has expired, or a 403 status code if a user is logged in, but not allowed to access the requested component. This will fire either the securityNotAuthenticated or securityPermissionsDenied client-side events.

Using 'Fire client-side security event' 

The Fire client-side security event is primarily intended for use in a UX component that contains an integrated login section (for example in a mobile application where the UX has Panel Navigator with at least two Panel Cards and the Login controls are on Panel Card 1 and the afterLogin event sets focus to Panel Card 2).

In the case where the UX contains an integrated login section, the securityNotAuthenticated and securityPermissionsDenied events can be used to direct a user back to a panel or section used for login on a UX component. For example, the UX may have login controls on a panel, PANELCARD_1. The securityNotAuthenticated event could set focus back to that panel.

{dialog.object}.panelSetActive('PANELCARD_1',true);

If the event was fired from a child component, the event in the child component could redirect the user back to the login panel.

var po = {dialog.object}.getParentObject();
if(po) {
    po.panelSetActive('PANELCARD_1',true);
}

If the child was opened in a window, the child event could also close the window. If the child UX had a control named 'list1', the event would be:

var po = {dialog.object}.getParentObject();
if(po) {
    var ele = {dialog.Object}.getPointer('list1');
    {dialog.Object}.closeContainerWindow(ele);
    po.panelSetActive('PANELCARD_1',true);
}

See Also