Hi David,
OneBox API does provide support for passing security information so that the
results can be filtered based on users authorization levels.
You can find detailed information about access control with OneBox at:
http://code.google.com/enterprise/documentation/oneboxguide.html#secureconnectiontotheprovider
On 6/13/06, davi...@cummins.com <davi...@cummins.com> wrote:
We are planing to implement the solution into one of our very secure
application. But I was not sure if Onebox provides the datalevel
security. For example, After logging into my application, I navigate to
a screen which fetches data from a common Oracle DB table. The
application will sort out data depending on the user's access
previlages defined by the application and display the user's relevant
data only. Any other user's data must never even be exposed partially.
Does Onebox provide such a powerful capability? The documentation
speaks security on the URL level only and so I am not convinced the
data that each user sees on the screen is limited to his data only.
Please help me in making a decision for this scenario.
3 messages in com.googlegroups.google-enterprise-developerRe: Security in Onebox