/
Qbyte Metrix Security Authentication

Qbyte Metrix Security Authentication

Owned by IFS Energy and Resources (Deactivated)
Last updated: Mar 01, 2024
4 min read

Search the Qbyte Metrix Wiki
 

Back to Security

 

Introduction

This document is intended to capture the process changes associated with the authentication modifications made to the Qbyte Metrix application. The changes can be summarized as follows:

  1. Metrix authentication is now done by validating the user’s credentials against an Oracle database user in a similar manner to Qbyte Metrix Reporting.

  2. Metrix Authentication has been moved into Qbyte Metrix itself, allowing for greater control of this functionality when necessary.

  3. Functionality has been added to support password aging along with password change validation rules.

  4. Those running Qbyte Metrix in a hosted P2 environment are now not able to manage user/password information within Qbyte Metrix.

 

Oracle User Account

Similar to how Metrix Reporting is implemented, a Qbyte Metrix user now requires an Oracle database user. When a user inputs their credentials, those credentials are validated against that database user. Metrix security is not affected in any way by these changes.

 

User Authentication moved into Qbyte Metrix

This allows for greater control and flexibility of the user authentication process, if necessary.

 

Password Aging and Validation

As part of this enhancement, Qbyte Metrix now supports password aging and password verification. This functionality is implemented by leveraging Oracle’s functionality in this area. It is accomplished by creating Database (DB) profiles and then assigning these profiles to DB users. Qbyte Metrix traps various Oracle messages and displays appropriate error messages to the user. 

Requiring a Qbyte Metrix user to be first setup as an Oracle database user provides the client with the ability to set customized password security rules to handle the following situations:

  • Password Expiry Period.

  • Password Strength. Password strength is the length of password and the requirement for combinations of numbers, letters and special character.

  • Lock out period after failed attempts. The lock out period is the number of failed attempts that will be allowed before a user is locked out and the length of time the user will be locked out.

  • Session time-out. Session time-out is the length of time the user can be inactive in Qbyte Metrix before the session times out and the user is forced to log back in. Logging in after a session time-out will return the user to the last screen they were on.

 

Password Change within Qbyte Metrix (Non-hosted clients only)

Non-hosted Qbyte Metrix users will have the ability to change their password at any time within the Qbyte Metrix application using the below screen.

This button will launch the following Change Password screen:

In addition, if a user’s password has expired, they will be given the opportunity to change it by automatically displaying the above popup upon login.

In both cases, any validation errors that are encountered during the password change process will be displayed at the top of the window:

 

Impact on Hosted Clients

Access Management is the utility that creates and maintains all users for hosted clients. This section is intended to describe how the changes are reflected in a hosted client’s environment.

The creation and maintenance of User Accounts will now be done entirely through Access Management. The admin user will no longer be able to create new or modify existing Qbyte Metrix users. They will continue to manage the User Roles in Qbyte Metrix. All other changes must be done using Access Management.

The user can no longer change their password through the Qbyte Metrix Application. Password changes will have to be changed through Access Management and the password will be synchronized for all P2 products.

 

Copyright© 2024 IFS AB. Copying prohibited. All rights reserved.