We have the security in the web console set to PTH and it lets anyone login to the web console with any username/password giving them a BASIC security level. The only thing it seems to let the user do is see procedures and even run them.

Is there a way to either hide the procedures or disable the anonymous signon?

Eric

The answer may be in WebServer Console > Workspace > Configure > Access Control

I think the Access Control only allows the different types of security modes to be set with the web console, in which case we have it set to PTH.

Take a look at the WebServer Console online documentation, the section on "Workspace Manager Configuration" seems to suggest that you can control what kind of user sees the Metadata and Procedures Page.

The only documentation I found allows for 3 user types:

Admininstrator
Server Admin
Server Operator

All 3 are allowed to view procedures. There is another user type which you cannot set and that is the Basic user type, which I think is associated with annoymous logins (any username/any password). And this is the usertype I need disabled. I can basially go into the web console and type "ASDF" as the username and it will still log the user on and let them see Procedures. I cannot find anything about it in the documentation about this though...

Workspace Manager Configuration

Access to the administrative features of the Web Console can be restricted by a list of users defined in server admin id. Users defined in the list may have Server or Application administration level. A Server Administrator has the ability to perform all the administrative tasks available through Web Console operations. If there is more than one Server Administrator defined, the first valid member of the list is used to impersonate FDS and other special services. An Application Administrator is limited to the administrative tasks that do not require changing configuration or restarting the server. All other users (basic users) can only use the Web Console tasks indicated as such in the following table.

Any IDs (beyond the original ID used to configure the server) that are used for server or application administration also require read/write privileges to the respective locations that the IDs are expected to manage. To do this, establish group rights for the locations at the operating system level. To view and run Resource Governor procedures, IDs must be at least at the Application Administrator level.

(Sorry about the poor display of the table below)

Web Console Task	Administration Level
	Server Administrator	Application Administrator	Operator	Basic user
Home Page	Yes	Yes	Yes	Yes
Workspace	Yes	In monitor mode only	In monitor mode only	In monitor mode only
Start and stop agents, terminate sessions and connections	Yes	No	Yes	No
Start and stop server	Yes	No	Yes	No
Diagnostics Page	Yes	Display tracing only	Display tracing only	Display tracing only
Version, Log off, Preferences and Help Pages	Yes	Yes	Yes	Yes
Data Adapters Page	Yes	Yes, except Add/Change/Remove connections parameters and Edit configuration files	No	No
Remote Servers Page	Yes	Yes, except Add/Change/Remove connections parameters and Edit configuration files	No	No
Metadata and Procedures Pages	Yes	Yes, except Configure Application Path	No	No
DataMigrator Page	Yes	Yes, except Configure Application Path	No	No
Create more Server or Application Administrators	Yes	No	No	No

This message has been edited. Last edited by: Francis Mariani,

Do you know which version of WF that chart is for?

If you look at the link:

http://documentation.informationbuilders.com/masterinde...ecurity8.htm#1062683

Which is for 7.1.x it lists the procedure page as "yes" for basic users.

Eric