"Security groups" allow for fine-grain permission checking, on a user-by-user basis, across an entire OFBiz web application ("webapp"). If you have webapps needing protection based on a user's permissions—that is, a user's authorization to perform various business processing tasks—and not just login authentication, then using security groups may be the answer.
To protect an OFBiz webapp using security groups, proceed as described here:
1. In the
ofbiz-component.xml
file for the component containing the webapp to be secured, add one or more security groups using thebase-permission
attribute. To add multiple security groups, separate each group name with a comma (","). In the following example, we configure theOFBTOOLS
security group association for themyapp
webapp:<webapp name="myapp" server="default-server" location="webapp/myapp" mount-point="/" base-permission="OFBTOOLS" app-bar-display="false"/>
2. In the
controller...