My Apex application has to capture users on when they accessed the application and what they queried within the application.
Since this is a Read-only application the application need not capture insert, update or delete changes.
Could this be done with Apex? If you could explain on how this can be done, it will be very helpful.
Thanks
Your question is too broad. I can only show directions for work:
to audit logging you can create custom authentication scheme and write login attempts within an authentication function.
to audit actions you can use processes. A process with type On Load - Before Header can be used for logging visited pages, a process with type On Submit - for logging actions.
Edit
I've just found this chapter in APEX documentation: Creating Custom Activity Reports Using APEX_ACTIVITY_LOG. As I can understand, it is exactly what you need.
Related
i am doing a register page for my application.
My application use express account of apex.
Register page of-course is a public page (not require authentication - because there is no account at this time to authenticate).
Problem is 'nobody' user does not has ADMIN privilege to perform APEX_UTIL.CREATE_USER procedure.
I found a tutorial that creating a temporary table, procedure and job to create user on another thread. I do not try this yet. But UX is not good because it cannot be done in 1 transaction.
I want to find solution for this issue. Thank for your help.
I want to register a plug-in in Plugin Registration Tool when a user logs in to Dynamics CRM. For this I don't want to use Audit. I want to catch the login event directly.
If this is not possible, is there any log that is create in every login of the user.
As far as I know, No you cannot do so.
But CRM has provided few different ways where you can check which users are currently working/logged in.
Go to Settings--> System Settings--> Auditing and then you can enable audit user access.
Above will enable for all users and then you can see audit data as below.
Ref for 1st option https://blogs.msdn.microsoft.com/emeadcrmsupport/2015/07/09/dynamics-crm-audit-user-access-data/
Now another way you can do so it visit url https://admin.powerplatform.microsoft.com/
Here go under analytics and then common data service. You wil get most of the info
High level design of what I would do:
Make/identify a default dashboard for all users and keep a HTML web resource in there
Web resource can have a method to invoke Xrm.WebApi.online.execute for executing a Custom Action by passing parameter to include IP, Lat, Lon, Browser details. Read more
Register a plugin on Custom Action message to trigger and achieve what you want there
Currently I have assigned to the software project.We are developing the education web portal.The main parts of the system are teacher,student and admin.Teachers and student can register to the web portal by using there details.Admin is responsible to accept the request of registration of student and teachers.I am going to do this task by using Laravel Framework.And also i going to use vue.js,xammp,mysql,html5,css technologies.Is there any other useful technologies to do this task?
Of course, I'll give you a simple solution and then you will adapt it in your project.
Start with adding a accepted flag into the users table, then every time that a user registers into your application you set this flag to false, now you can build your page to list every user that hasn't been already accepted with some sort of action that allows the admin to make the update on the specific user table and set that flag to true.
I am using vaadin 7, and jboss 7.1.1. There is a business requirement for very granular ui access. There will be parent windows per business function, and in that window functions relative to it. Business requires enabling and disabling those functions within, per user, so as an example, a parent window that represents employees, and when you click that you enter the child window which has functions like editing, deleting, viewing, adding,etc etc but that access must be customized to the user using it, so user x can update but not delete, as an example.
So what i came up with was to store that information in the database. In the database there will be a users table with username and a user guid. Then a parentview table and and parentchildren table and then lastly a userview table. i will store in the userview table the users guid and either the view they have access to and what type of access as in read,write,update,etc... I will on the ui login authenticate against ldap, get the users information and guid and use the guid to pull the users view access from the userview table in the database and store it in the vaadin session, and then on the ui, read that from the session and show the correct access.
I am not sure if this is the best way which is why i am asking if my solution is ok? I have been reading lots of doc's around security but non seem to achieve what i want. Another point of keeping it in the db, is that i can create a user admin ui which can edit the users access simply by updating the db, i dont want to redeploy or do anything with the webserver, I would prefer a ui user access control module and for someone with rights to it to administer that access. I would really appreciate insight and some ideas into this.
Thanks guys, I would appreciate any input.
What you want to achieve, regardless of the environment you are in and technology you are using, is fine-grained access control / authorization.
The way to do that is to use authorization frameworks. Spring Security has one for instance. I'm not sure whether Vaadin comes with anything.
In our company we use Vaadin to develop a management portal and we then use XACML to apply fine-grained decisions to the portal such as which functions to enable for which users and even which items to display in a Vaadin table.
Generally speaking you want to look at the field of attribute-based access control (NIST ABAC). ABAC lets you define authorization constraints based on different factors/parameters such as user attributes (location, department, role...) and resource attributes (where the resource can be data, widgets, functions... You name it).
I actually delivered a webinar yesterday on the topic of fine-grained authorization for Java MVC apps. I think it could prove useful for you.
If you go down the XACML path, you do not need to create a custom database with the information inside as you have done. All you need to do is write authorization policies e.g. a user in purchasing can use the purchasing functions.
There are several open source XACML implementations as well as vendor solutions such as the one I work for, Axiomatics.
I hope this helps. I've also written a lengthier answer here which covers the broader field of authorization.
I have an webpage which posts some data and then redirects to a page within an oracle apex application. Is there a way to grab that posted data from within apex?
In general, no, APEX knows nothing about the session state persistence mechanism of other platforms. However if the first web page saves the posted data to some agreed, accessible location (e.g. an Oracle table) then your APEX application can retrieve it.