How do you set the number of form actions in a security group?

We recently upgraded to TRIRIGA Platform 3.5.3 and we are still in Application 10.3. We have a custom cstWorkTask form and it has 133 form actions. In the “Shop Foreman” security group, we want to give access to over 125 form actions.

But it looks like there is a limit where you can only set 119 form actions. Because as soon as you select the 120th form action, the spinning wheel appears and never completes. We have tried clicking the “Select All” check box, but as soon as you click that, the spinning wheel appears and never completes. If we remove a couple of actions from the 119 already selected, then it lets you check two more without the spinning wheel. Is there any setting that controls how many form actions can be set in the security group? Or is this a known issue?

[Admin: To see other related posts, use the Security Manager tag.]

Continue reading →

Why can’t you view document upload screens in TRIRIGA?

A navigation item whose target is set to “External URL” and whose URL links directly to a folder no longer works. An error such as the following might occur: “An error occurred, please contact your system administrator: [MID-4077624314].”

The Java applet that uploaded documents based on the navigation item target in earlier TRIRIGA versions is deprecated due to security concerns. Most browsers no longer support Java applets. The applet upload function is replaced with an HTML5 upload function.

As a result of these changes, “External URL” navigation items in earlier TRIRIGA versions that successfully uploaded documents via portals to upload documents to a folder might no longer work. The Document Upload widget was redesigned to be used only in the context of either Document Manager or a record, not a portal. Use Document Manager directly to upload documents.

[Admin: This post is related to the 04.07.17 post about “External URL” navigation items that may no longer work, and the 07.10.15 post and 04.10.15 post about the document upload enhancement. To see other related posts, use the Document Manager tag.]

Continue reading →

What are the minimum permissions for TRIRIGA to function correctly?

In a standard OOB installation of TRIRIGA on Windows Server 2012 R2, it gives the user group the “Execute” and “Special” permissions to the TRIRIGA folder. We are concerned from a security perspective: Why are the “Execute” and “Special” permissions needed for a standard installation? What are the minimum permissions needed for TRIRIGA to function correctly?

You can remove the user group “Execute” permission on Windows. Only the service user needs permissions to read from the install directory, and/or execute WebSphere Liberty under the TRIRIGA install directory (if so installed).

[Admin: To see other related posts, use the Permission tag or Security tag.]

Continue reading →

Can you use system location in groups to control data access?

We are on TRIRIGA 3.5.2 and 10.5.2. I’ve recently noticed that in our security groups, there is now a “Location Name” field which is hidden. Is this a placeholder field for a future release? Or can we actually use this field to control data access?

No, record security is currently only supported on Geography and Organization. I am not aware of any current enhancements to add Location-based security.

[Admin: To see other related posts, use the Security Manager tag.]

Continue reading →

How do you control security settings in Document Manager?

I am looking for any resource that will provide information on how security for the Document Manager works with Company level views and Project level views. A couple of preliminary questions. (1) Can security group settings control what action displays or not? I cannot seem to get consistent results when changing settings in a particular security group. (2) Next, when the user is in Project level view, how do you control security settings for the Document Manager in this view?

The Document Manager actions are controlled by access given on the Permissions tab of the folder/document. Access can be: View, Modify, Download, Create, or Full Admin access. (Admin users have access to all actions by default.) For the user who creates a document record, all access to the document is given implicitly.

Similarly for the Project container: Only documents of the project for which the user is the author have all access. Access to other documents in the project is controlled by the access given on the Permissions tab of the folder/document.

[Admin: To see other related posts, use the Document Manager tag.]

Continue reading →

Verdantix: Will LED-based Li-Fi replace Wi-Fi technology?

Li-Fi is an exciting emerging technology that’s got the communications technology world talking. By transmitting data by modulating LED lights and using a light detector as a receiver, Li-Fi is extremely fast compared to Wi-Fi, being able to stream up to 224 gigabits per second compared to 100 gigabits achievable by the world’s fastest Wi-Fi network.

It also has great security benefits as it is harder to intercept the signal outside of the building (or smart building). There are potential cost advantages too as ordinary LED lights can be used lowering operational and maintenance costs, although this will depend on the router and receiver costs once production at scale is reached…

Only in 2017, we have witnessed three significant acquisitions and partnerships.

• Back in February, technology provider Philips Lighting acquired the French Li-Fi start-up Luciom.
• In September Scottish Li-Fi firm PureLiFi partnered with LED lighting provider Wipro Lighting, to provide products for the Asian market.
• Also in September, French Li-Fi specialist Lucibel partnered with Citelum, part of EDF, to provide a range of LED-based lighting solutions that deliver incremental benefits from better energy performance and Li-Fi communication…

[Admin: To see other related posts, use the Verdantix tag.]

Continue reading →

Can you disable the IBM TRIRIGA “System” account?

We are considering the disabling of the default System account for security reasons. We are currently protecting the account with a long strong password. Does anyone have any experience with this? Is this System account used in internal system processes where disabling it will not work or will wreck havoc on the system?

I don’t think you can “disable” the System account. Typically, what you have done already is as far as most people go. I’ve heard of one company having an executive type in the password and keeping the password secret until it’s needed for some justifiable reason.

Through the application or database, you could populate a random number which then no one would know. But I’d highly recommend taking a copy of your database before you start testing, changing the password, or anything else down that path. You could corrupt the database by trying to disable the System account.

[Admin: To see other related posts, use the Admin Group tag or Password tag.]

Continue reading →