Last updated
Last updated
Setup at least one user and role for your container.
The easiest way to do this with Tomcat, if you don't have already users setup within your system (via a Tomcat realm for example), is to modify Tomcat's tomcat-users.xml
file, for example as follows:
Enumerate the role in the following property:
Protect Form Builder and, optionally, the Form Runner Home page
In web.xml, uncomment the permissions section.
Replace:
with:
and replace the role name:
Set, in form-builder-permissions.xml
:
Remove demo forms and apps from Orbeon Forms.
Within Form Builder
make sure that all your forms have permissions enabled (PE feature only)
set the create
permission for all users
set all permissions for the role orbeon-admin
republish your forms
Configure forms' buttons
You will want only a "Send" or "Submit" button, as a plain "Save" button doesn't make sense in this case.
With this setup:
Published forms are not protected by the container. They are protected by Form Runner permissions.
Form Builder is protected by the container so that anonymous users can't create new forms.
Form Builder also requires orbeon-admin
at the Orbeon Forms level.
Any user, logged in or anonymous, can create form data from any published form.
All other operations (read
, update
, delete
) are not available to anonymous users or logged in users without the orbeon-admin
role. Users with the orbeon-admin
role have
Users with the orbeon-admin
role can perform any operations on the form data after they are logged in.
Limitations:
Anonymous data entry does not support autosave.
See .
see also
As an administrator, you first have to login, for example by accessing Form Builder, before accessing published forms' Summary page (issue ).
- How to setup Orbeon Forms so that users and roles are provided.
- Optional user menu for providing links to login and logout functions.
- How to control access to deployed forms.
- How to control access to specific form fields based on the user user's roles.
- How to control access to Form Builder.
- Access based on ownership and groups.
– Access based on organizational structure.
- Token-based permissions