TIBCO EBX®
Documentation > Administration Guide > Technical administration
Navigation modeDocumentation > Administration Guide > Technical administration

UI administration

TIBCO EBX® comes with a full user interface called Advanced perspective that includes all available features. The interface is fully customizable (custom logo, colors, field size, default values, etc.) and available to built-in administrators.

Access to the advanced perspective can be restricted in order to simplify the end-user experience, through global permissions, giving the possibility to grant or restrict access to functional categories. Administrators can create simplified perspectives called recommended perspectives for end-users, containing only the features and menus they need for their daily tasks.

Global permissions

Global permission rules can be created in EBX®.

The 'Display area' property allows restricting access to areas of the user interface. To define the access rules, select 'Global permissions' in the 'Administration' area.

Profile

Indicates on which profile the rule will be applied.

Restriction policy

Indicates if the permissions defined here restrict the ones defined for other profiles. See the Restriction policy concept for more information.

Dataspaces

Defines permissions for the Dataspaces area.

Data Models

Defines permissions for the Data Models area.

Workflow Models

Defines permissions for the Workflow Models area.

Data Workflows

Defines permissions for the Data Workflows area.

Data Services

Defines permissions for the Data Services area.

Independently, it is also possible to:

  • Defines the access permissions for the REST built-in connector HTTP(S). This setting does not impact the REST Toolkit applications.

  • Defines the access permissions for the REST OpenAPI services.

  • Defines the access permissions for the SOAP connector HTTP(S) and JMS.

  • Defines the access permissions for the WSDL connector HTTP(S).

Administration

Defines permissions for the Administration area.

Note

Permissions can be defined by administrators and by the dataspace or dataset owner.

Advanced perspective

The advanced perspective and its parameterization are unique. It is the parent perspective from which any new perspective will inherit.

Children perspectives can be created from that main perspective in order to offer a customized, simplified menu to the end-users. Thanks to dataset inheritance, these simplified perspectives will receive their parameters from the advanced perspective (the root dataset). These parameters can then be overridden on the newly created simplified perspectives. Simplified perspectives can be created underneath an existing simplified perspective, thus inheriting from the parent's parameters.

See also

The advanced perspective is available by default to all end-users but access can be restricted.

Note: Administrators can always access the advanced perspective even when it is deactivated.

It is possible to configure which perspective is applied by default when users log in. This 'default perspective' is based on two criteria: 'recommended perspectives', defined by administrators and 'favorite perspectives', defined by users.

Perspective creation

To create a perspective, open the 'Select an administration feature' drop-down menu and click on the + sign to create a child dataset.

User interface

Options are available in the Administration area for configuring the web interface, in the 'User interface' section.

Attention

Be careful when configuring the URL policy (deprecated). If the web interface configuration is invalid, it can lead to the unusability of EBX®. If this occurs, use the "rescue mode" by setting frontEnd.rescueMode.enable=true in EBX® main configuration file, and accessing the following URL in your browser as a built-in administrator user: http://.../ebx/?onwbpID=iebx-manager-rescue.

Session configuration

These parameters configure the user session options:

User session default locale

Default session locale

Session time-out (in seconds)

Maximum duration of user inactivity before the session is considered inactive and is terminated. A negative value indicates that the session should never timeout.

Interface configuration

Entry policy

Describes the URL to access the application.

Login URL

If the user is not authenticated, the session is forwarded to this URL.

The entry policy defines an EBX® login page, replacing the default one.

If defined,

URL policy (deprecated)

Describes the URL and proxy policy. Both dynamic (servlet) and static (resources) URLs can be configured.

This configuration manner is deprecated and must be replaced by URLs computing. After configuring the EBX® main configuration file, these configurations must be unset.

HTTP servlet policy

Header content of the servlet HTTP request:

  • if a field is not set, the default value in the environment configuration is used,

  • if a default value is not set, the value in the initial request is used.

HTTPS servlet policy

Header content of the servlet HTTPS request:

  • if a field is not set, the default value is chosen (in an environment configuration),

  • if a default value is not set, the value in the initial request is used.

HTTP external resources policy

Header content of the external resources URL in HTTP:

  • if a field is not set, the default value in the environment configuration is used,

  • if a default value is not set, the value in the initial request is used.

HTTPS external resources policy

Header content of the external resources URL in HTTPS:

  • if a field is not set, the default value in the environment configuration is used,

  • if a default value is not set, the value in the initial request is used.

Exit policy

Describes how the application is exited.

Normal redirection

Specifies the redirection URL used when exiting the session normally.

Error redirection

Specifies the redirection URL used when exiting the session due to an error.

This feature is now deprecated and may be ignored by EBX®.

Redirection restrictions

Specifies the list of authorized domains and whether HTTPS is mandatory for each domain.

Graphical interface configuration

Activation & Allowed profiles

The 'Activated' radio button allows to activate or deactivate the perspective. When deactivated, the perspective will only be made available to the administrator.

The 'Allowed profiles' feature is used to give access to the perspective to a given profile. Several profiles can be added to the list of authorized profiles by clicking on the + icon below the numbered list.

The available perspective properties are:

Activated

Indicates if the perspective is visible to authorized users.

Allowed profiles

The list of authorized user profiles for the perspective.

Allowed devices

The list of authorized devices for the perspective.

If not specified, only "EBX® Web Application" can display this perspective.

Default selection

The menu item that is selected by default.

This property is not available for the advanced perspective.

Application locking

EBX® availability status:

Availability status

This application can be closed to users during maintenance (but still remain open to administrators). Takes effect immediately.

Unavailability message

Message displayed to users when access is restricted to administrator profiles.

Security policy

EBX® access security policy. These parameters only apply to new HTTP sessions.

IP access restriction

Restricts access to designated IP addresses (see IP pattern below).

IP restriction pattern

Regular expression representation of IP addresses authorized to access EBX®. For example, ((127\.0\.0\.1) | (192\.168\.*\.*)) grants access to the local machine and the network IP range 192.168.*.*.

Unique session control

Specifies whether EBX® should control the uniqueness of user sessions. When set to 'Yes', if a user does not log out before closing the browser, it will not be possible for that user to log in again until the previous session has timed out.

Ergonomics and layout

EBX® ergonomics parameters:

Max table columns to display

According to network and browser performance, adjusts the maximum number of columns to display in a table. This property is not used when a view is applied on a table.

Maximum auto-width for table columns

Defines the maximum width to which a table column can auto-size during table initialization. This is to prevent columns from being too wide, which could occur for very long values, such as URLs. Users will still be able to manually resize columns beyond this value.

Max expanded elements for a hierarchy

Defines the maximum number of elements that can be expanded in a hierarchy when using the action "Expand all". A value less than or equal to '0' disables this parameter.

Default table filter

Defines the default table filter to display in the filters list in tabular views. If modified, users must log out and log in for the new value to take effect.

Display the message box automatically

Defines the message severity threshold for displaying the messages pop-up.

IE compatibility mode

Defines whether or not to compensate for Internet Explorer 8+ displaying EBX® in compatibility mode.

In order to prevent Internet Explorer browsers from using compatibility mode when displaying the repository user interface, the meta-tag http-equiv="X-UA-Compatible" content="IE=EmulateIE8" is added to the header of pages. However, in some local environments, this setting may conflict with existing policies, in which case this header must be omitted by setting the parameter to 'No'. The default value is 'Yes'.

See Specifying Document Compatibility Modes/ebx_open.png for more information.

Forms: width of labels

The width of labels in forms.

Forms: width of inputs

The width of form input fields in forms.

Forms: height of text areas

The height of text entry fields in forms.

Forms: aggregated lists

The number of hidden candidate lines to be generated, available to create new instances in the list.

Forms: width of HTML editor

The width of HTML editors in forms.

Forms: height of HTML editor

The height of HTML editors in forms.

Searchable list selection page size

Maximum number of rows downloaded at each request of the searchable list selection (used for selecting foreign keys, enumerations, etc.).

Record form: rendering mode for nodes

Specifies how to display non-terminal nodes in record forms. If this property is modified, users are required to log out and log in for the new value to take effect.

Record form: display of selection and association nodes in creation mode

If enabled, the selection and association nodes will be displayed in record creation forms.

Display density

Defines the default display density mode for all users. If no density has been selected by the user yet, this value will be applied. Conversely, if the user already chose a density, their choice will prevail.

Avatar displayed in the header

This property defines the display mode of avatars in the header. For example, it is possible to enable or disable the use of avatars in the header by updating this property. If no value is defined, the default value is 'Avatar only'. If it is a relative path, prefix it with "../" to get back to the application root URL.

Avatar displayed in the history

This property defines the display mode of avatars in the history. For example, it is possible to enable or disable the use of avatars in the history by updating this property. If no value is defined, the default value is 'Avatar only'. If it is a relative path, prefix it with "../" to get back to the application root URL.

Avatar displayed in the workflow

This property defines the display mode of avatars in the workflow. For example, it is possible to enable or disable the use of avatars in the workflow by updating this property. If no value is defined, the default value is 'Avatar only'. If it is a relative path, prefix it with "../" to get back to the application root URL.

Default option values

Defines default values for options in the user interface.

Import/Export

CSV file encoding

Specifies the default character encoding to use for CSV file import and export.

CSV : field separator

Specifies the default separator character to use for CSV file import and export.

CSV : list separator

Specifies the default list separator character to use for CSV file import and export.

Import mode

Specifies the default import mode.

Missing XML values as 'null'

If 'Yes', when updating existing records, if a node is missing or empty in the imported file, the value is considered as 'null'. If 'No', the value is not modified.

Colors and themes

Customizes EBX® colors and themes.

Web site icon URL (favicon)

Sets a custom favicon. The recommended format is ICO, which is compatible with Internet Explorer.

Logo URL (SVG)

Specifies the SVG image used for compatible browsers. Leave this field blank to use the PNG image, if specified. The user interface will attempt to use the specified PNG image if the browser is not SVG-compatible. If no PNG image is specified, the GIF/JPG image will be used. The logo must have a maximum height of 40px. If the height exceeds 40px, it will be cropped, not scaled, to a height of 40px. The width of the logo will determine the position of the buttons in the header. If it is a relative path, prefix it with "../" to get back to the application root URL.

Logo URL (PNG)

Specifies the PNG image used for compatible browsers. Leave both this field and the SVG image URL field blank to use the GIF/JPG image. The user interface will use the GIF/JPG image if the browser is not PNG-compatible. The logo must have a maximum height of 40px. If the height exceeds 40px, it will be cropped, not scaled, to a height of 40px. The width of the logo will determine the position of the buttons in the header. If it is a relative path, prefix it with "../" to get back to the application root URL.

Logo URL (GIF/JPG)

Specifies the GIF/JPG image to use when neither the PNG nor SVG are defined. The recommended formats are GIF and JPG. The logo must have a maximum height of 40px. If the height exceeds 40px, it will be cropped, not scaled, to a height of 40px. The width of the logo will determine the position of the buttons in the header. If it is a relative path, prefix it with "../" to get back to the application root URL.

Main

Main user interface theme color, used for selections and highlights.

Header

Background color of the user interface header. By default, set to the same value as the Main color.

Workflow badge

Background and text/outline colors of new workflow task counters.

Primary buttons

Color of buttons selected by default. By default, set to the same value as the Main color.

Text of link style buttons

Text color of some buttons having a link style (the text is not dark or light, but colored). By default, set to the same value as the main color.

Selected tab border

Border color of the selected tab. By default, set to the same value as the Main color.

Table history view: technical data

Background color of technical data cells in the table history view.

Table history view: creation

Background color of cells with the state 'creation' in the table history view.

Table history view: deletion

Background color of cells with the state 'deletion' in the table history view.

Table history view: update

Background color of cells with the state 'update' in the table history view.

An unlimited number of child perspectives can be created. Child perspectives inherit from the parameters of the 'Advanced perspective'. Some of these parameters can be overridden as detailed hereafter.

Activation & Allowed profiles

See Activation and Allowed profiles for the Advanced perspective for more information.

Note

Any specific parameter set for this perspective will override the default parameters that have been set in the 'Advanced perspective' configuration.

Perspective Menu

This view displays the perspective menu. It is a hierarchical table view.

From this view, a user can create, delete or reorder menu item records.

Section Menu Item

This is a top level menu item. It contains other menu items.

Menu group

This is a container for other menu items.

Action Menu Item

This menu item displays a user service in the workspace area.

When creating a record in the 'Perspective' Menu, the available perspective properties are:

Type

The menu item type.

See also

Parent

The parent of the menu item.

This property is not available for section menu items.

Label

The menu item label.

The label is optional for action menu items. If not specified, the label will be dynamically generated by EBX® when the menu item is displayed.

Allowed devices

The list of authorized devices for this item.

If not specified, all devices can display this menu item. Currently only two devices are supported: "EBX® Web Application" and "EBX® GO".

Icon

The icon for the menu item.

Icon can be either "standard" (provided by EBX®) or an image, specified by a URL, that can be hosted on any web server.

Icons size should be 16x16 pixels.

This property is not available for section menu items.

Top separator

Indicates that the menu item section has a top separator.

This property is only available for section menu items.

Action

The user service to execute when the user clicks on the menu item.

If an end-user is allowed to view the perspective but not to execute the user service, an "access denied" message will be displayed when the user clicks on the menu item.

This property is only available for action menu items.

Selection on close

The menu item that will be selected when the service terminates.

Built-in services use this property when the user clicks on the 'Close' button.

This property is only available for action menu items.

Ergonomics and layout

See Ergonomics and layout for the Advanced perspective for more information.

Note

Any specific parameter set for this perspective will override the default parameters that have been set in the 'Advanced perspective' configuration.

Colors and themes

See Colors and themes for the Advanced perspective for more information.

Note

Any specific parameter set for this perspective will override the default parameters that have been set in the 'Advanced perspective' configuration.

Recommended perspectives

It is possible for a perspective administrator to configure recommended perspectives dedicated to a specific audience. These recommended perspectives are a way to choose which perspective is applied by default when a user logs in, based on their role.

However, users always have the possibility to switch between the various perspectives that are available to them and to set one as their favorite. See Favorite perspectives for more information.

To configure recommended perspectives, go to User interface > Recommended perspectives > Manage recommended perspectives.

Managing recommended perspectives

The main screen shows an ordered list of records associating a profile with a perspective. Note that the order here is important since a user can match more than one record (see Resolution for more information).

Resolution

When a user logs in, the following algorithm determines which perspective is selected by default:

// 1) favorite perspective
IF the user has a favorite perspective
AND this perspective is active
AND the user is authorized for this perspective
    SELECT this perspective
    DONE

// 2) recommended perspective
FOR EACH association in the recommended perspectives list, in the declared order
    IF the user is in the declared profile
    AND the associated perspective is active
    AND the user is authorized for the associated perspective
        SELECT this perspective
        DONE

// 3) advanced perspective
IF the advanced perspective is active
AND the user is authorized for this perspective
    SELECT this perspective
    DONE

// 4) any perspective
SELECT any active perspective for which the user is authorized
DONE

Custom views

Users can create and manage custom views directly from the 'View' menu on tables. This administration section is the central point to manage these custom views.

Views

This table contains all custom views defined on any table. Only a subset of fields is editable:

Documentation

Localized labels and descriptions.

Owner

Defines the user(s) owning and authoring this view definition.

View group

Indicates the menu group in which this view is displayed in the 'View' menu.

Share with

Defines the users allowed to select this view from their 'View' menu.

Views permissions

This table allows to manage permissions relative to custom views, by data model and profile. The following permissions can be configured (the default value is applied when no permission is set for a given user):

Permission

Description

Default value

Recommend views

Allows the user to manage recommended views.

If the user is the dataset owner, the default value is 'Yes', otherwise it is 'No'.

Manage views

Defines the views the user can modify and delete.

If the user is a built-in administrator, the default value is 'Owned + shared', otherwise it is 'Owned'.

Share views

Defines the views for which the user can edit the 'Share with' field.

If the user is a built-in administrator, the default value is 'Owned + shared', else if the user is the dataset owner, it is 'Owned', otherwise it is 'None'.

Publish views

Allows the user to publish views to make them available to all users using Web components, workflow user tasks, or data services.

If the user is a built-in administrator, the default value is 'Yes', otherwise it is 'No'.

User session management

This tool lists all user sessions and allows terminating active sessions when necessary.

For example: it is possible to invalidate and terminate all currently open and active sessions for maintenance purposes. The access to the user interface can be temporarily closed, with an unavailability message being displayed, through Application locking. After active sessions are terminated, users will not be able to reconnect and will see the unavailability message. The maintenance operation can then be performed.

Accessibility mode

An accessibility mode is available to help users with disabilities, when active it will tweak display to ensure that, wherever possible, the user interface is accessible.

The option can be found on the login screen, and also in the user pane once they are connected.

The selected value is persisted per user and shared among all its work sessions.

Allows to make all the controls of the form operable through a keyboard interface and thus conform to the WCAG Success Criterion 2.1.1.

Overview of changes applied when accessibility mode is on:

Tabular view

Add an "Access data" button to all row toolbars.

HTML editor

Make the toolbar being always expanded.

Forms

Expand/collapse buttons can now be focused.

Supported screen reader

The Jaws (version 2022) is the only screen reader supported by TIBCO EBX®. Any other technology may have some unexpected behavior.

Documentation > Administration Guide > Technical administration