Altova FlowForce Server 2024 

Restrict Access to the /public Container

Home Prev Top Next

The /public container (located under the top-level root container) is available by default in FlowForce Server. It acts as a location accessible to any FlowForce Server user and a location where any FlowForce Server user can store their data, without any predefined permissions. Therefore, by default, the /public container has the following permissions.

ff_permissions_public

Default permissions of the /public container

This means that, by default, any FlowForce Server user who is member of the role authenticated role can do the following:

 

Add, modify, and delete objects inside the /public container (namely, jobs, credentials, or other containers)

Reuse any credentials available in the /public container

Access as a Web service any job located in the /public container, provided that the job was configured to be available as a Web service

Refer to any function available in the /public container

Read the permissions assigned to the /public container

 

Note:These permissions may also be inherited by any containers that are children of the /public container. Normally, any new container inherits the permissions of the parent container; however, permissions may have been overridden by the user root user, or by other users with relevant privileges.

 

You can restrict access to the /public container, if required. Note, however, that the job configuration examples included in this documentation assume the existence of the /public container.

To restrict access to the /public container:

1.Revoke permissions on this container from the role authenticated role (see Setting Container Permissions).

2.Create a new role and assign this role to all users who require permissions to the /public container (see Roles).

3.Assign to the new role only the required permissions (again, see Setting Container Permissions).

© 2018-2024 Altova GmbH