What Is the Preferred Security Context?

This section defines the preferred security context.

Overview

This section explains what happens at logon with regard to ownership.

Objects created by VPLM and CBP applications do not have the same ownership attributes by default. When a user logs onto a CBP application, the user provides a username (and password). On CBP objects, ownership is based on the user.

However, users logging onto VPLM applications connect to a security context, and the ownership of VPLM objects created using this context is based on the following attributes:


  • owner (user)
  • altowner1 (Organization)
  • altowner2 (Project).

This means that VPLM objects have two extra ownership attributes with respect to CBP objects.

To apply homogeneous ownership attributes both VPLM and CBP objects, two extra attributes can be implemented on CBP objects. These are:


  • the altowner1 attribute mapped to the organization
  • the altowner2 attribute mapped to the project

and are implemented by the preferred security context to which CBP users can be associated.

How Is the Preferred Security Context Implemented?

The preferred security context mechanism is implemented in a variety of ways:


  • the administrator can set up a default preferred security context for all users in the database.

    As administrator, you can use a command impacting the definition of a PERSON, provided with the P&O batch import tool to create the preferred security context. Then, CBP users logging onto the web application can then select this context using the My Profile command. Once the context has been set, it will be used by all CBP webtop login processes. Logging in using this context ensures that CBP objects will possess all three ownership attributes.

  • when CBP objects are created, a creation trigger is implemented; this trigger reads the security context used at logon and adds the altowner1 and altowner2 attributes to the created object, resulting in the following ownership vector: owner, Organization, Project for all objects created.

    No action is required by the administrator to benefit from these triggers (activated, for example, for VPLM Integration and BOM synchronization). All triggers are preset in the database at installation.

  • when CBP object ownership is transferred, a similar trigger changes and/or updates the same attributes in the same way as when they were created.
  • finally, ownership attributes are correctly set during object synchronization.