We are creating multiple SmartObjects that will be storing their data in the same SQL Database. All SmartObjects are going to use the ServiceAccount to access the database.
Some of these tables will contain sensitive data. Authorization will be implemented through the form. To protect the data, is there a way of restricting who can access the SmartObject Rest/WCF services?
Cheers
Matt
At this time, no there is not any security that can be applied at the SmartObject level. If you need to enforce security it will have to be done at the DB level by changing the SQL Broker Instance to use Impersonation.
Here is a blog post I found that touches on the topic of impersonation with k2. http://velocity-it.com/sql-user-impersonation-with-k2/
S.
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
