
Greetings,

 

We are considering creating some SmartObjects that will surface sensitive data. I only want people who are authorized to use that data in their processes to be able to access the SmartObjects and place them in their processes. Can I configure this type of security?

One of the key things about K2 SmartObjects is the fact that it honors the line of business (LOB) system's security model. As a best practice, we suggest that all Service Objects are registered using Integrated Windows Authentication to ensure that the actual user's credentials accessing the data are passed to the LOB system. In these scenarios only information the user has access to (on the LOB system) will be loaded. We do not have additional security on the SmartObject framework that can overwrite the security model protecting sensitive data. For the workflow to access information you will have to grant access to the K2 Service Acc, as this account will be passed when data is queried via the SmartObject framework in the workflow.


 


In short, for a user to access info from LOB system via K2 SmartObjects the user needs to have permissions set on the actual LOB system.


Hmm... ok..

 

Tough situation since the LOB system is a web service from an ASP and the methods for getting access are a little squirrelly such that we're thinking it's easier to utilize a service account. But according to your reply, then everyone can use it.

 

I guess we're going to have to figure out some method.

 

Thanks

