atoti.security.Security#

final class atoti.security.Security#

Manage the parts of the security config that can be changed without restarting the Session.

Note

This feature is not part of the community edition: it needs to be unlocked.

  • Users with the ROLE_ADMIN are administrators: they have full access to the application.

  • Non-administrator users without the ROLE_USER will not be able to access the application. See individual_roles for an example.

  • Users with the ROLE_MEASURE_LINEAGE can access the measure lineage REST API, which provides dependency graphs showing parent/child relationships between measures.

basic_authentication

individual_roles

Mapping from username to roles granted on top of the ones that can be added by authentication providers.

kerberos

ldap

oidc