Security FAQ

How can I see only the projects that I am working on?

By doing nothing. By default, every user sees only the active projects to which they are assigned. Of course, when you start searching, Twproject security applies and you will see only the tasks, issues and resources that you are allowed to see. See https://twproject.com/support/using-twproject/security/

How does Twproject use role-based security?

In two ways: globally or locally to a project. Global roles are valid everywhere (well, not really everywhere, but within a security area), so if you have, for instance, a “task read” permission, you can see every task even if you are not involved in it; this could match the case of the company’s boss. Global roles are set from the user editor.
Locally to a project, role-based security is applied by assigning users to a project. In this case a “task read” permission allows a user to see the project structure from that point down. See this section for a complete overview of security: https://twproject.com/support/using-twproject/security/
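
The two scopes described above can be sketched as a small model. This is an added illustration, not Twproject code: the class names, fields and sample projects are constructed, and cross-area users are left out.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Task:
    name: str
    area: str                         # security area the task belongs to
    parent: Optional["Task"] = None   # None for the project root

@dataclass
class User:
    name: str
    area: str
    global_perms: set = field(default_factory=set)   # via roles set in the user editor
    local_perms: dict = field(default_factory=dict)  # task name -> perms from assignment

def allowed(user: User, task: Task, perm: str) -> bool:
    # Global role: applies to every task, but only inside the user's security area.
    if perm in user.global_perms and task.area == user.area:
        return True
    # Local role: applies at the assigned node and everything below it,
    # so walk up from the task looking for an assignment that grants perm.
    node = task
    while node is not None:
        if perm in user.local_perms.get(node.name, set()):
            return True
        node = node.parent
    return False

def visible(user, tasks, perm="task read"):
    return [t.name for t in tasks if allowed(user, t, perm)]

# Constructed sample data: two areas, one project tree in "area 1".
website = Task("Website", "area 1")
design = Task("Design", "area 1", website)
logo = Task("Logo", "area 1", design)
payroll = Task("Payroll", "area 2")
TASKS = [website, design, logo, payroll]

boss = User("boss", "area 1", global_perms={"task read"})
designer = User("designer", "area 1", local_perms={"Design": {"task read"}})
outsider = User("outsider", "area 2")

if __name__ == "__main__":
    for u in (boss, designer, outsider):
        print(u.name, visible(u, TASKS))
```

The user assigned to “Design” sees that node and its child but not the parent project, while the global role stops at the area boundary.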

How can I configure permissions for my users?

Permissions are set on roles. Roles can be assigned directly to users or by assigning them to projects. See https://twproject.com/support/using-twproject/security/

How can I have a read-only user?

Yes, you can, both globally and locally to a project. There are built-in roles that accomplish this goal: “Supervisor”, “Stakeholder” and “Customer” respectively. See https://twproject.com/support/using-twproject/security/roles/

Are there password policies?

Twproject has several password policies. Go to “admin” –> “Security policies”. If your company has already implemented such policies using Active Directory or an LDAP server, you should consider using it for authentication. See https://twproject.com/support/twproject-advanced-usage/connections/ldap-active-directory/

What can an “administrator” do?

Almost everything. There are some visibility restrictions on private agenda events. If you have security concerns, you should have only a few (one or two) administrators and use “area managers” instead. Administrators have access to sensitive configuration data.

Can I disable a user?

Yes, of course. When a resource leaves your company, you can disable it. Doing this preserves all inserted data and frees a license. Go to the “resource editor” –> “security /login” and disable it.

Can I completely separate the data of two departments?

Twproject supports multiple separate “areas” in the same installation. Projects, users, resources, issues etc. created in, say, “area 1” are not accessible to users coming from “area 2”. Using security areas you can manage two distinct companies/directions/departments on the same installation. Cross-area users can be created, e.g. for top management. See https://twproject.com/support/using-twproject/security/ and https://twproject.com/support/using-twproject/security/areas/

Can Twproject run on HTTPS?

Of course. The cloud solution already runs on HTTPS using a 2048-bit certificate. Twproject runs on Tomcat by default, so you should refer to the Tomcat documentation.

Can I configure Twproject for LDAP authentication?

Of course. See https://twproject.com/support/twproject-advanced-usage/connections/ldap-active-directory/

Can I import users from LDAP?

Yes, you can. See https://twproject.com/support/twproject-advanced-usage/connections/ldap-active-directory/