Epandframework security module configuration - devexpress

I am using XAF from devexpress, I just added the security module from the expandframework and all my navigation disappears for non administrative users.
Am using XAF's new security system all well configured even navigation.Is there
extra configuration that am unaware of in expandframework?(am new to the expand framework)

The info you posted is not enough to determine this behavior. For each eXpandFramework module there is a set of tester solutions located # https://github.com/expand/eXpand/tree/17.2/Demos/Modules I suggest you look how the SecurityTester solution is configured and try to see what might differ. SO is not the best place to post such questions as there are dedicated forums and I happy to help you if you post a sample demonstrating this case there.

Related

Code-blocks are not allowed in this file - Where is My web.confi file

I have a sharepoint at my office. Its 2013 version. Where I want to write some asp code. But the issue is SharePoint is blocking the code and I am getting error "Code blocks are not allowed in this file". I searched google and found several links to solve the issue by saying make some changes to the webconfig file.
Now my question is how do I find the file. Where it is actually.
What I have is a sharepoint, I don't have any designer. I only have admin access for this site. Can some one please guide me.
I know there are several entries here in stackoverflow, but no one is talking about where to find the file.
Please help me.
My apologies if this happens to be a repetition, in that case please point me to the right post. Thank you guys.
By default injecting server-side code (ASP.NET) in SharePoint pages directly from sites is not allowed for performance reasons, and should remain as is.
If you never approched SP developpment and are not an administrator of the farm in your company I strongly advise you to see first if you can solve your needs with client side development (javascript) instead of going to server side (ASP.NET).
SPS2013 comes with the "Script Editor WebPart" that you can use to inject your custom JS on pages. If you need your custom on all pages consider adding your JS on the site's masterpage.
From JS you can use SharePoint REST API to interact with your site https://learn.microsoft.com/en-us/sharepoint/dev/sp-add-ins/get-to-know-the-sharepoint-rest-service
If you need heavy customisation for your site you can move to the addin model (client side) that will require Visual Studio IDE develoment suite.
And last option is if you explicitly require serve side code and/or need to develop a scalable enterprise grade solution, you will need to make a "SharePoint full trust solution package".
PS: You may see articles around about "SharePoint Framework" (aka SPFx), unfortunatly this is not available for SPS2013.

Wanted to make alfresco site read only

Want to make alfresco site read only in alfresco community 5.0 so that no one can make any changes or edit that during migration.
I already tried changing the user/group permissions but that method doesn't work properly. Is there any other way to make the sites read only?
You need to make all sites in read only mode and so entire Repository should be in read-only mode for migration!
Try this property in your alfresco-global.prop file
server.allowWrite=false
Please check this for reference
The best way to make a site read only would probably be to modify all members of that site to have the consumer role (this would prevent them for creating new content or editing any existing content).
Unfortunately there is no bulk capability built into the UI to do this, however it should be a relatively straightforward exercise to create an admin only custom WebScript to achieve this. It would necessary for the Admin to become the site manager of each site before attempting to change the role of each site member, but there is an API for doing this.
Alternatively (if you have only a few sites) then you could do this manually through the UI using the Site Management Admin Console page. Again, the Admin would need to become the Site Manager for each Site and then visit the site and change the role of every member.
As suggested by #DaveDraper in a former answer, you could setup site memberships to the consumer role. However, this won't take into account any special permission given on a particular node (folder/document) in that site either with or without inheritance of permission.
So, if you intend to block any writes on the entire alfresco repo/site you could simply setup an extra security interceptor on your NodeService to block any write access using the NodeService.
PS : You could get some inspiration from the "NodeService_security" bean and implementation !
I can think of a turn-around or two, but those would be really sloppy so I won't be including them in this response

How does Spring work with apparently no code?

I am trying to understand the example described here.
What is puzzling to me is that there is apparently no code. I run the spring-security-samples-insecuremvc-3.2.x within Tomcat and a form is presented to interact with but there is no Java code whatsoever as far as I can see. I can't even find the form. I realize that the code must be in one of the dependencies but I am baffled at how this all works.
Spring does generate/provide a default login form if it's configured to do form-based login and no custom login form is configured.
Sidenote: how to create and configure a custom login form is, for example, explained here: http://docs.spring.io/spring-security/site/docs/3.2.x/guides/form.html (to long to be copy/pasted here).
I have been looking at this sample today with the same questions as you - where the heck is the source? I finally found the answer I think you're looking for. Take a look at the pom.xml and in the dependencies you'll see spring-security-samples-messages-jc. Assuming you downloaded all the samples, import that project into STS and you'll find the files you're looking for.
BTW, I've been following the instructions on the spring security website to add security to this sample and I have not yet been able to get it to work - the login screen does not appear. Let me know if you have better luck than me.
The default spring security login form is generated by the class org.springframework.security.web.ui.DefaultLoginPageGeneratingFilter which is in spring-security-web-$version.jar
The method is generateLoginPageHtml()

Taking /Pages out of the SharePoint URL?

A customer is asking if there is anything we can do to remove "/Pages" from his Internet-facing MOSS publishing site. Some Googling reveals that some clever use of HTTPModules may be able to hide the presence of Pages, but I've yet to see an end-to-end working solution. Have any of you come up against this particular requirement, and if so, how did you resolve it?
The customer's main concern with /Pages is the SEO impact of it - if anyone has any way to mitigate those issues or can explain why having this extra level in your URL would not be a concern, that would be appreciated as well (and probably better, in the long run!)
Check out this posting. http://blog.mastykarz.nl/semantic-urls-in-moss-2007-imtech-sharepoint-semantic-urls-free-feature/
The main issue you'll have is that Microsoft won't provide support for a SharePoint instance that has "hidden" the pages library.
Yes, you can use a URL re-writer to exclude the /pages section of the path, and you will also need to perform a search and replace on the response stream to strip it out of all generated URLS - this will obviously have a performance hit on the server - but with careful use of caching, it might not be that noticable.
PSS will require you to remove the setup before they will investigate any issues with your site, so you (or your client) will need to weigh up the perceived benefits with the performance and support issues.
I believe we've done it for one of our clients in the past, but most are happy to stick with the /pages element - it really doesn't have that much effect.
I know ASP.NET 3.5 SP1 has the URL routing engine that ASP.NET MVC uses built in. If you wanted to run against that version of the .NET framework, you could use routes to eliminate the /Pages part of the URL. But I'm not positive about running MOSS on that version of .NET. That's the first place I'd check, though.
You can get a list of public facing websites using MOSS here. You can see they use the "page" libraries and you can check your favorite search engines against the content.
Hopefully this will be enough to demonstrate that the "Page" libraries aren't going to be too much of an issue and you can save them a bunch of cash.
You can change the name (and the url) of the /Pages library.

Is there any Forum or Knowledge base for Plumtree interms of hosting Asp.net as Portlets

I am quite new to Plumtree, and hosting asp.net pages as portlets is not so easy.
There are weird issues coming up every time, like
-> Session variables don't work across PAges
-> Build- in Ajax doesn;t work
-> Response.redirect fails
I would like know more on hosting asp.net pages in plumtree, Please let me know if you come across any Forum or Knowledge base for Plumtree.
Your best place would be BEA/Oracle forums for Aqualogic, LiquidSomething, Interaction, or whatever they call it now.
Explaining inner-working of Plumtree here would take forever.
The best way to do this is to use the session preference in the web service definition
B
Use session preferences. More information and details can be found here: http://download.oracle.com/docs/cd/E13174_01/alui/devdoc/docs60/Portlets/Basics/PlumtreeDevDoc_Integration_Portlets_Settings.htm
Also check out http://www.function1.com/blog for Plumtree/Aqualogic Interaction/WebCenter Interaction discussion.

Resources