TIBCO EBX® comes with a full user interface called Advanced perspective that includes all available features. The interface is fully customizable (custom logo, colors, field size, default values, etc.) and available to built-in administrators.
Access to the advanced perspective can be restricted in order to simplify the end-user experience, through global permissions, giving the possibility to grant or restrict access to functional categories. Administrators can create simplified perspectives called recommended perspectives for end-users, containing only the features and menus they need for their daily tasks.
Global permission rules can be created in EBX®.
The 'Display area' property allows restricting access to areas of the user interface. To define the access rules, select 'Global permissions' in the 'Administration' area.
Profile | Indicates on which profile the rule will be applied. |
Restriction policy | Indicates if the permissions defined here restrict the ones defined for other profiles. See the Restriction policy concept for more information. |
Dataspaces | Defines permissions for the Dataspaces area. |
Data Models | Defines permissions for the Data Models area. |
Workflow Models | Defines permissions for the Workflow Models area. |
Data Workflows | Defines permissions for the Data Workflows area. |
Data Services | Defines permissions for the Data Services area. Independently, it is also possible to:
|
Administration | Defines permissions for the Administration area. |
Permissions can be defined by administrators and by the dataspace or dataset owner.
The advanced perspective and its parameterization are unique. It is the parent perspective from which any new perspective will inherit.
Children perspectives can be created from that main perspective in order to offer a customized, simplified menu to the end-users. Thanks to dataset inheritance, these simplified perspectives will receive their parameters from the advanced perspective (the root dataset). These parameters can then be overridden on the newly created simplified perspectives. Simplified perspectives can be created underneath an existing simplified perspective, thus inheriting from the parent's parameters.
The advanced perspective is available by default to all end-users but access can be restricted.
Note: Administrators can always access the advanced perspective even when it is deactivated.
It is possible to configure which perspective is applied by default when users log in. This 'default perspective' is based on two criteria: 'recommended perspectives', defined by administrators and 'favorite perspectives', defined by users.
To create a perspective, open the 'Select an administration feature' drop-down menu and click on the + sign to create a child dataset.
Options are available in the Administration area for configuring the web interface, in the 'User interface' section.
Be careful when configuring the URL policy (deprecated). If the web interface configuration is invalid, it can lead to the unusability of EBX®. If this occurs, use the "rescue mode" by setting frontEnd.rescueMode.enable=true
in EBX® main configuration file, and accessing the following URL in your browser as a built-in administrator user: http://.../ebx/?onwbpID=iebx-manager-rescue
.
These parameters configure the user session options:
User session default locale | Default session locale |
Session time-out (in seconds) | Maximum duration of user inactivity before the session is considered inactive and is terminated. A negative value indicates that the session should never timeout. |
Describes the URL to access the application.
Login URL | If the user is not authenticated, the session is forwarded to this URL. |
The entry policy defines an EBX® login page, replacing the default one.
If defined,
it replaces an authentication URL that may have been defined using a specific user Directory
,
it is used to build the permalinks in the user interface,
if the URL is full, that is, starting with http://
or https://
, it replaces the URL of the workflow email configuration.
Describes the URL and proxy policy. Both dynamic (servlet) and static (resources) URLs can be configured.
This configuration manner is deprecated and must be replaced by URLs computing. After configuring the EBX® main configuration file, these configurations must be unset.
HTTP servlet policy | Header content of the servlet HTTP request:
|
HTTPS servlet policy | Header content of the servlet HTTPS request:
|
HTTP external resources policy | Header content of the external resources URL in HTTP:
|
HTTPS external resources policy | Header content of the external resources URL in HTTPS:
|
Describes how the application is exited.
Normal redirection | Specifies the redirection URL used when exiting the session normally. |
Error redirection | Specifies the redirection URL used when exiting the session due to an error. This feature is now deprecated and may be ignored by EBX®. |
Redirection restrictions | Specifies the list of authorized domains and whether HTTPS is mandatory for each domain. |
The 'Activated' radio button allows to activate or deactivate the perspective. When deactivated, the perspective will only be made available to the administrator.
The 'Allowed profiles' feature is used to give access to the perspective to a given profile. Several profiles can be added to the list of authorized profiles by clicking on the + icon below the numbered list.
The available perspective properties are:
Activated | Indicates if the perspective is visible to authorized users. |
Allowed profiles | The list of authorized user profiles for the perspective. |
Allowed devices | The list of authorized devices for the perspective. If not specified, only "EBX® Web Application" can display this perspective. |
Default selection | The menu item that is selected by default. This property is not available for the advanced perspective. |
EBX® availability status:
Availability status | This application can be closed to users during maintenance (but still remain open to administrators). Takes effect immediately. |
Unavailability message | Message displayed to users when access is restricted to administrator profiles. |
EBX® access security policy. These parameters only apply to new HTTP sessions.
IP access restriction | Restricts access to designated IP addresses (see IP pattern below). |
IP restriction pattern | Regular expression representation of IP addresses authorized to access EBX®. For example, |
Unique session control | Specifies whether EBX® should control the uniqueness of user sessions. When set to 'Yes', if a user does not log out before closing the browser, it will not be possible for that user to log in again until the previous session has timed out. |
EBX® ergonomics parameters:
Max table columns to display | According to network and browser performance, adjusts the maximum number of columns to display in a table. This property is not used when a view is applied on a table. |
Maximum auto-width for table columns | Defines the maximum width to which a table column can auto-size during table initialization. This is to prevent columns from being too wide, which could occur for very long values, such as URLs. Users will still be able to manually resize columns beyond this value. |
Max expanded elements for a hierarchy | Defines the maximum number of elements that can be expanded in a hierarchy when using the action "Expand all". A value less than or equal to '0' disables this parameter. |
Default table filter | Defines the default table filter to display in the filters list in tabular views. If modified, users must log out and log in for the new value to take effect. |
Display the message box automatically | Defines the message severity threshold for displaying the messages pop-up. |
IE compatibility mode | Defines whether or not to compensate for Internet Explorer 8+ displaying EBX® in compatibility mode. In order to prevent Internet Explorer browsers from using compatibility mode when displaying the repository user interface, the meta-tag http-equiv="X-UA-Compatible" content="IE=EmulateIE8" is added to the header of pages. However, in some local environments, this setting may conflict with existing policies, in which case this header must be omitted by setting the parameter to 'No'. The default value is 'Yes'. See Specifying Document Compatibility Modes for more information. |
Forms: width of labels | The width of labels in forms. |
Forms: width of inputs | The width of form input fields in forms. |
Forms: height of text areas | The height of text entry fields in forms. |
Forms: aggregated lists | The number of hidden candidate lines to be generated, available to create new instances in the list. |
Forms: width of HTML editor | The width of HTML editors in forms. |
Forms: height of HTML editor | The height of HTML editors in forms. |
Searchable list selection page size | Maximum number of rows downloaded at each request of the searchable list selection (used for selecting foreign keys, enumerations, etc.). |
Record form: rendering mode for nodes | Specifies how to display non-terminal nodes in record forms. This should be chosen according to network and browser performance. For impact on page loading, link mode is light, expanded and collapsed modes are heavier. If this property is modified, users are required to log out and log in for the new value to take effect. |
Record form: display of selection and association nodes in creation mode | If enabled, the selection and association nodes will be displayed in record creation forms. |
Display density | Defines the default display density mode for all users. If no density has been selected by the user yet, this value will be applied. Conversely, if the user already chose a density, their choice will prevail. |
Avatar displayed in the header | This property defines the display mode of avatars in the header. For example, it is possible to enable or disable the use of avatars in the header by updating this property. If no value is defined, the default value is 'Avatar only'. If it is a relative path, prefix it with "../" to get back to the application root URL. |
Avatar displayed in the history | This property defines the display mode of avatars in the history. For example, it is possible to enable or disable the use of avatars in the history by updating this property. If no value is defined, the default value is 'Avatar only'. If it is a relative path, prefix it with "../" to get back to the application root URL. |
Avatar displayed in the workflow | This property defines the display mode of avatars in the workflow. For example, it is possible to enable or disable the use of avatars in the workflow by updating this property. If no value is defined, the default value is 'Avatar only'. If it is a relative path, prefix it with "../" to get back to the application root URL. |
Defines default values for options in the user interface.
Import/Export
CSV file encoding | Specifies the default character encoding to use for CSV file import and export. |
CSV : field separator | Specifies the default separator character to use for CSV file import and export. |
CSV : list separator | Specifies the default list separator character to use for CSV file import and export. |
Import mode | Specifies the default import mode. |
Missing XML values as 'null' | If 'Yes', when updating existing records, if a node is missing or empty in the imported file, the value is considered as 'null'. If 'No', the value is not modified. |
Customizes EBX® colors and themes.
Web site icon URL (favicon) | Sets a custom favicon. The recommended format is ICO, which is compatible with Internet Explorer. |
Logo URL (SVG) | Specifies the SVG image used for compatible browsers. Leave this field blank to use the PNG image, if specified. The user interface will attempt to use the specified PNG image if the browser is not SVG-compatible. If no PNG image is specified, the GIF/JPG image will be used. The logo must have a maximum height of 40px. If the height exceeds 40px, it will be cropped, not scaled, to a height of 40px. The width of the logo will determine the position of the buttons in the header. If it is a relative path, prefix it with "../" to get back to the application root URL. |
Logo URL (PNG) | Specifies the PNG image used for compatible browsers. Leave both this field and the SVG image URL field blank to use the GIF/JPG image. The user interface will use the GIF/JPG image if the browser is not PNG-compatible. The logo must have a maximum height of 40px. If the height exceeds 40px, it will be cropped, not scaled, to a height of 40px. The width of the logo will determine the position of the buttons in the header. If it is a relative path, prefix it with "../" to get back to the application root URL. |
Logo URL (GIF/JPG) | Specifies the GIF/JPG image to use when neither the PNG nor SVG are defined. The recommended formats are GIF and JPG. The logo must have a maximum height of 40px. If the height exceeds 40px, it will be cropped, not scaled, to a height of 40px. The width of the logo will determine the position of the buttons in the header. If it is a relative path, prefix it with "../" to get back to the application root URL. |
Main | Main user interface theme color, used for selections and highlights. |
Header | Background color of the user interface header. By default, set to the same value as the Main color. |
Workflow badge | Background and text/outline colors of new workflow task counters. |
Primary buttons | Color of buttons selected by default. By default, set to the same value as the Main color. |
Text of link style buttons | Text color of some buttons having a link style (the text is not dark or light, but colored). By default, set to the same value as the main color. |
Selected tab border | Border color of the selected tab. By default, set to the same value as the Main color. |
Table history view: technical data | Background color of technical data cells in the table history view. |
Table history view: creation | Background color of cells with the state 'creation' in the table history view. |
Table history view: deletion | Background color of cells with the state 'deletion' in the table history view. |
Table history view: update | Background color of cells with the state 'update' in the table history view. |
An unlimited number of child perspectives can be created. Child perspectives inherit from the parameters of the 'Advanced perspective'. Some of these parameters can be overridden as detailed hereafter.
See Activation and Allowed profiles for the Advanced perspective for more information.
Any specific parameter set for this perspective will override the default parameters that have been set in the 'Advanced perspective' configuration.
This view displays the perspective menu. It is a hierarchical table view.
From this view, a user can create, delete or reorder menu item records.
Section Menu Item | This is a top level menu item. It contains other menu items. |
Menu group | This is a container for other menu items. |
Action Menu Item | This menu item displays a user service in the workspace area. |
When creating a record in the 'Perspective' Menu, the available perspective properties are:
Type | The menu item type. See also |
Parent | The parent of the menu item. This property is not available for section menu items. |
Label | The menu item label. The label is optional for action menu items. If not specified, the label will be dynamically generated by EBX® when the menu item is displayed. |
Allowed devices | The list of authorized devices for this item. If not specified, all devices can display this menu item. Currently only two devices are supported: "EBX® Web Application" and "EBX® GO". |
Icon | The icon for the menu item. Icon can be either "standard" (provided by EBX®) or an image, specified by a URL, that can be hosted on any web server. Icons size should be 16x16 pixels. This property is not available for section menu items. |
Top separator | Indicates that the menu item section has a top separator. This property is only available for section menu items. |
Action | The user service to execute when the user clicks on the menu item. See alsoIf an end-user is allowed to view the perspective but not to execute the user service, an "access denied" message will be displayed when the user clicks on the menu item. This property is only available for action menu items. |
Selection on close | The menu item that will be selected when the service terminates. Built-in services use this property when the user clicks on the 'Close' button. This property is only available for action menu items. |
See Ergonomics and layout for the Advanced perspective for more information.
Any specific parameter set for this perspective will override the default parameters that have been set in the 'Advanced perspective' configuration.
See Colors and themes for the Advanced perspective for more information.
Any specific parameter set for this perspective will override the default parameters that have been set in the 'Advanced perspective' configuration.
It is possible for a perspective administrator to configure recommended perspectives dedicated to a specific audience. These recommended perspectives are a way to choose which perspective is applied by default when a user logs in, based on their role.
However, users always have the possibility to switch between the various perspectives that are available to them and to set one as their favorite. See Favorite perspectives for more information.
To configure recommended perspectives, go to User interface > Recommended perspectives > Manage recommended perspectives.
The main screen shows an ordered list of records associating a profile with a perspective. Note that the order here is important since a user can match more than one record (see Resolution for more information).
To add an entry, use the 'Create' action.
To edit an entry, first select it in the list by clicking on it, then click on the 'Edit' action, or simply double-click on it.
To remove an entry, first select it in the list, then click on the 'Delete' action.
To move an entry, first select it in the list, then use the actions in the toolbar to the right of the list.
When a user logs in, the following algorithm determines which perspective is selected by default:
// 1) favorite perspective IF the user has a favorite perspective AND this perspective is active AND the user is authorized for this perspective SELECT this perspective DONE // 2) recommended perspective FOR EACH association in the recommended perspectives list, in the declared order IF the user is in the declared profile AND the associated perspective is active AND the user is authorized for the associated perspective SELECT this perspective DONE // 3) advanced perspective IF the advanced perspective is active AND the user is authorized for this perspective SELECT this perspective DONE // 4) any perspective SELECT any active perspective for which the user is authorized DONE
Users can create and manage custom views directly from the 'View' menu on tables. This administration section is the central point to manage these custom views.
This table contains all custom views defined on any table. Only a subset of fields is editable:
Documentation | Localized labels and descriptions. |
Owner | Defines the user(s) owning and authoring this view definition. |
View group | Indicates the menu group in which this view is displayed in the 'View' menu. |
Share with | Defines the users allowed to select this view from their 'View' menu. |
This table allows to manage permissions relative to custom views, by data model and profile. The following permissions can be configured (the default value is applied when no permission is set for a given user):
Permission | Description | Default value |
---|---|---|
Recommend views | Allows the user to manage recommended views. | If the user is the dataset owner, the default value is 'Yes', otherwise it is 'No'. |
Manage views | Defines the views the user can modify and delete. | If the user is a built-in administrator, the default value is 'Owned + shared', otherwise it is 'Owned'. |
Share views | Defines the views for which the user can edit the 'Share with' field. | If the user is a built-in administrator, the default value is 'Owned + shared', else if the user is the dataset owner, it is 'Owned', otherwise it is 'None'. |
Publish views | Allows the user to publish views to make them available to all users using Web components, workflow user tasks, or data services. | If the user is a built-in administrator, the default value is 'Yes', otherwise it is 'No'. |
This tool lists all user sessions and allows terminating active sessions when necessary.
For example: it is possible to invalidate and terminate all currently open and active sessions for maintenance purposes. The access to the user interface can be temporarily closed, with an unavailability message being displayed, through Application locking. After active sessions are terminated, users will not be able to reconnect and will see the unavailability message. The maintenance operation can then be performed.