X4 Produktdokumentation
X4 Produktdokumentation
Breadcrumbs

<Access>

The <Access> element contains configuration definitions for accessing the Web App. You can declare the element with the following attributes.

Attribute

Description

accessRight

Defines which role can access the Web App.

Possible values: Name of a role previously defined in the identity provider

AuthConfigName

Defines which configuration from the authentication_config.xml file is used.

Possible values: Name of a configuration entered in the authentication_config.xml file

authorizationFlow

Defines which authorization flow is used. If you do not want to require a login, use Public.

Note:

To use the single-sign-on functionality, you need to use the Authenticated authorization flow.

Possible values:

  • Public

Note:

Users who access the Web App without logging in are identified as ANONYMOUS_USER. Anonymous users cannot receive special rights.

  • Authenticated

  • realm

  • client

  • clientSecret

⚠️ DEPRECATED

Note:

Previously, in X4 BPMS, it was possible to specify the Realm, Client ID and Secret parameters in .wsinc and .wad files in order to use a different realm in the standard Keycloak system for individual HTTP endpoints or Web Apps. As of X4 BPMS 7.5.0, this function is considered obsolete (deprecated).

The current implementation supports the use of multiple identity providers (IdP) at the same time. Each secured endpoint is protected by default with an authentication configuration marked as the default.

If an endpoint or Web App is to be secured with another IdP or another realm of the same IdP, the desired authentication configuration is now specified instead of dynamically overwriting the realm, client ID, and secret per call.