Appian Community
Site
Search
Sign In/Register
Site
Search
User
DISCUSS
LEARN
SUCCESS
SUPPORT
Documentation
AppMarket
More
Cancel
I'm looking for ...
State
Not Answered
Replies
13 replies
Subscribers
7 subscribers
Views
4302 views
Users
0 members are here
Share
More
Cancel
Related Discussions
Home
»
Discussions
»
Administration
How can we easily remove the Designer portal for production system hardening? T
William
over 11 years ago
How can we easily remove the Designer portal for production system hardening? This is an audit requirement that the Designer portal should be "switched-off" by default. When there is a need to perform those Administration tasks like Application import etc, the system administrator can reactivate it or restore it back....
OriginalPostID-69338
OriginalPostID-69338
Discussion posts and replies are publicly visible
Parents
0
Eduardo Fuentes
Appian Employee
over 11 years ago
In that case you can disable it completely just change line #69 in that plug-in from:
if (user.getUsername().equals("Administrator") ||
to
if(
this way the Designer will be accessible only to users inside the Custom Designers Group mentioned before. If you keep that group empty then nobody will have access to Designer, not even the "Administrator" account. If a change is needed and somebody has to access designer, then that person has to go do the server and remove the plug-in, this action can be logged by monitoring tools in the OS level I'd assume.
Keep in mind that when you have a web server in front of an application there is usually an access log which stores the URLs requested by the end-user, in Appian the name of the actions are very suggestive, for instance, if a user is updating a profile you will this in the web server log:
2013-04-25 19:45:46 /suite/personalization/updateuser.bg?%24e=detailPane&appian_environment=designer - 200 0.048
Those are the options that come to my mind right now given there's no specific configuration at the Appian level itself to log every action that is taken by the user once he's logged in.
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
Reply
0
Eduardo Fuentes
Appian Employee
over 11 years ago
In that case you can disable it completely just change line #69 in that plug-in from:
if (user.getUsername().equals("Administrator") ||
to
if(
this way the Designer will be accessible only to users inside the Custom Designers Group mentioned before. If you keep that group empty then nobody will have access to Designer, not even the "Administrator" account. If a change is needed and somebody has to access designer, then that person has to go do the server and remove the plug-in, this action can be logged by monitoring tools in the OS level I'd assume.
Keep in mind that when you have a web server in front of an application there is usually an access log which stores the URLs requested by the end-user, in Appian the name of the actions are very suggestive, for instance, if a user is updating a profile you will this in the web server log:
2013-04-25 19:45:46 /suite/personalization/updateuser.bg?%24e=detailPane&appian_environment=designer - 200 0.048
Those are the options that come to my mind right now given there's no specific configuration at the Appian level itself to log every action that is taken by the user once he's logged in.
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
Children
No Data