If Security.LoginRequired = on and Security:AccessControl = on, these permissions authorize special actions and commands when the OntoBroker is accessed via Collabserver, socket API or OntoBroker web service.
ob:collabserver:addontology |
For collabserver / remote API you now need the permission "ob:collabserver:addontology" to create or import ontologies. Alternatively you are allowed to perform these actions if you have write permissions on the ontology to be created or imported. |
ob:command:query |
Permission holder is allowed to perform query command |
ob:command:xy |
Permission holder is allowed to perform command named "xy". xy is a placeholder here for any of the OntoBroker commands like query, insert, delete, ... |
ob:command:* |
Permission holder is allowed to perform any command |
ob:collabserver:cancelpendingopen |
Permission holder is allowed to call method OntologyManager.cancelPendingOpen() via Collabserver |
ob:collabserver:longtransaction |
Permission holder is allowed to start long transactions via Collabserver |
ob:collabserver:sessioninfo |
Permission holder is allowed to call method ClientSessionManager.getActive () via Collabserver |
ob:collabserver:addontology |
Permission holder is allowed to load or create any new ontology via Collabserver |
ob:collabserver:* |
Permission holder has all collabserver permissions |
ob:reasoner:debug |
Permission holder is allowed to activate tracing on query execution |
ob:reasoner:* |
Permission holder has all reasoner permissions |
Log User Login/Logout
This feature will do the following: If (and only if) the following line in conf/log4j.properties
log4j.category.[LOGIN]=WARN
is changed to
log4j.category.[LOGIN]=INFO
then a user login/logout is logged. This feature only makes sense when the server is started with
Security.LoginRequired = on
NOTE: the logging is not failsafe: E.g. the log-out is typically not logged when a timeout occurs