I?ve used AUTL to secure objects since I started out donkey?s years ago. I think I understand the concepts and the rules but then every now and again I get an authorisation issue which seems to break the rules.
The problem I get every now and again is that the Authority List rules break down and I am forced to put the profile into the user authorities of the object which has an AUTL list named. The authorities appear to ignore the fact that the object is secured by an authorisation list, but I don?t know why.
In this instance, the user was authorised to the object via several routes, due to a supplemental Group Profile owning the object (I know bad practise and once I wouldn?t use personally, just haven?t gotten around to fix this legacy set-up), and the same supplemental profile being authorised in the Authorisation List (*ALL) yes again lazy set-up seeing as this is a program object, and additional supplemental groups also being listing in the Authorisation List.
Basically when does the entry of the Authority List in the object authority get ignored ?
Do I have to specify Public *AUTL , to ensure the settings in the AUTL are followed, currently Public *Exclude with the authorised users specified (as Groups) in the AUTL ?
The problem I get every now and again is that the Authority List rules break down and I am forced to put the profile into the user authorities of the object which has an AUTL list named. The authorities appear to ignore the fact that the object is secured by an authorisation list, but I don?t know why.
In this instance, the user was authorised to the object via several routes, due to a supplemental Group Profile owning the object (I know bad practise and once I wouldn?t use personally, just haven?t gotten around to fix this legacy set-up), and the same supplemental profile being authorised in the Authorisation List (*ALL) yes again lazy set-up seeing as this is a program object, and additional supplemental groups also being listing in the Authorisation List.
Basically when does the entry of the Authority List in the object authority get ignored ?
Do I have to specify Public *AUTL , to ensure the settings in the AUTL are followed, currently Public *Exclude with the authorised users specified (as Groups) in the AUTL ?
Comment