CS

Security and users

Home / Support / Manuals / Administrator Guide /

Security and users

CS

Introduction

Security and user management are among the core system principles of the NET Genium platform. They are not an optional feature, but an integral part of the architecture on which all applications are built.

NET Genium is designed for operating enterprise applications where it is necessary to clearly determine:

  • who works with the application,
  • which data and functions they can access,
  • what changes they have made,
  • and when those changes occurred.

This guide explains the fundamental concepts of security, users, permissions, and audit trails within the NET Genium environment.

Users

NET Genium supports several types of users that differ in their method of access, scope of permissions, and responsibility for performed actions.

From the platform perspective, there are three basic types of users:

  • Standard user – works with application data and functions based on assigned permissions.
  • Administrator – has access to all data and platform tools and creates or modifies applications using the integrated designer.
  • Anonymous user – fills in data through web forms that become part of public websites via iframes.

Standard users and administrators always work in the NET Genium environment under their own unique user account. Every action they perform is traceable and linked to a specific identity.

Anonymous users do not enter the application as authenticated users. Their use is limited to specific scenarios, typically data collection through public forms. In these cases, neither user identity nor licensing limits for logged-in users apply.

Licensing model and users

The NET Genium licensing model is based on the maximum number of concurrently logged-in users.

  • Each login of a standard user or administrator consumes one user license.
  • A user may log in multiple times under the same username, yet only one license is consumed.
  • The total number of licenses can be increased at any time according to the organization’s needs.
  • Anonymous users do not require a user license.

This model enables flexible operation of applications while maintaining clear control over their usage.

Permissions, user groups, and permission groups

Access to applications, data, and functions in NET Genium is controlled using permissions.

Each building block of the platform (applications, edit forms, browse pages, UI controls, and other objects) allows independent permission configuration. Permissions can be assigned to:

  • user groups,
  • or individual user accounts.

Because a single user can be a member of multiple user groups, manually selecting the correct groups for newly created users can become unclear or error-prone.

For this reason, NET Genium supports permission groups.

A permission group represents a predefined set of user groups that corresponds to a typical way a specific user works within the application.

In the properties of a user account, a specific permission group can be selected. In that case, the user’s assigned user groups are replaced by the set of groups defined by the selected permission group.

The list of user groups assigned to a user is always visible and can still be manually adjusted later according to specific requirements.

The default NET Genium installation contains two basic user groups:

  • Users – standard users
  • Administrators – administrators

Using user groups is the recommended approach for long-term application operation.

History and audit trail

One of the key features of the NET Genium platform is automatic change history tracking.

Every data change in the application:

  • is assigned to a specific user,
  • includes a timestamp,
  • can be reviewed retrospectively.

The audit trail ensures transparency in data handling, supports internal control mechanisms, and enables retrospective analysis of changes.

History tracking is not intended only for error resolution, but is a fundamental tool for responsible management of enterprise applications.

Administrator responsibility

The application administrator is responsible for correctly configuring security principles in a given solution.

This responsibility includes in particular:

  • managing user accounts,
  • designing and maintaining permissions,
  • controlling access to sensitive data,
  • performing regular reviews of configuration settings.

A properly designed security structure protects not only data, but also users and the organization as a whole.

Relationship to other documentation

This guide describes general principles of security and user management.

Detailed information on specific areas is provided in separate guides, for example:

  • user and group management,
  • authentication and login configuration,
  • permission settings in specific applications.

The purpose of this document is to provide context and explain how individual security mechanisms fit together within the NET Genium platform.