2. KnowSystem
  3. Silverdale Security Module

Silverdale Security Module

User Guide


Overview  

The Silverdale security extension improves security and keeps an audit log.

Key features:

  1. User logging details  
  2. User security roles  
  3. Login case sensitivity  
  4. Password security  

User logging details  

Once this feature is enabled, it logs all the login information of the user, including the user's name, IP address, login date and time, host name, browser name, and session status. 

It also has another sub-feature of time-based logout based on last login and inactivity. 

Configuration  

  1. Go to settings and enable user log details from the security extension. 

User Impact  

  1. Once enabled, go to settings. Click on users and companies, then click on user sessions. 
  2. Upon clicking, you will be displayed with a list of all the users that logged in along with details. The user can also filter by Active or Inactive and do grouping based on User, Start Date, Status, and Browser.   
  3. Upon clicking on any user in the list you will be displayed with details. Upon clicking on any user in the list, details will be displayed.  

Time based logout  

Time-based logout, once enabled and configured, logs the user out automatically based on the configuration applied. It works on the last login and last activity, and duration can be defined during configuration.

Configuration  

  1. Go to settings and enable "User log details" from the security extension.
  2. This will enable the time-based logout feature. 
  3. We applied configuration logout after last login and after one month, which means that if any user in the company does not log in for a month, they will automatically be logged out.
  4. The user can also configure logout based on inactivity.  

User Impact  

  1. Once the configuration is enabled for logout after last login and the duration is defined as one month, the user will automatically be logged out after one month.
  2. If the configuration is applied to logout based on inactivity and the defined duration is an hour, the user will automatically be logged out if they are inactive for an hour.

User security roles

This feature lets you create and predefine the roles and rights for the users, which will help you automatically assign the role when creating any user and give them access based on your preferences. This saves time on assigning every individual role again and again. 

Configuration  

  1. Go to settings and enable User Security Roles from security extension.  

User Impact  

  1. Once the feature is enabled, go to settings and in users & companies, click on user roles.  
  2. This will display list of all roles that were created previously.  
  3. Clicking on "Create" will redirect to a page where roles can be set. Enter the role name and add the users from the drop-down list against whom you wish to apply the role; once applied, they will be able to use the modules that are assigned to the role. 
  4. In the Access Right, select the modules to be assigned to role and click on save.  
  5. You can always create new user by clicking on new user on top right  
  6. Once clicked on Saved role will be created and applied to the users defined.  

Login case sensitivity 

Login case sensitivity, once enabled will not check for case sensitivity on the email or user name.

Configuration  

  1. Go to settings and enable login case sensitivity from Security extension.  

User Impact  

  1. Once feature is enabled this will allow the user to login the email if its capitalized or small.  
  2. Example: we created a user named "[email protected]" with a capital S in Standard Odoo. If we try to login using [email protected], this will not allow the user to login , but once the extension is enabled, this will allow the user to login with [email protected].

Password security  

The Password Security feature, once enabled, lets you define setup rules against the password, including:

  1. Disallow reuse of password.  
  2. Define the minimum number of characters.  
  3. Define upper case characters count, lower case characters count, numeric characters count, and special characters count.

Configuration  

  1. Go to settings and enable Password Security in the Security Extension.  
  2. Enabling password security will let the user configure the following features:
  3. Setting the password expiry duration  
  4. The user can define the number of days.
  5. Disallow reuse of password 
  6. The user can define the count after which the password can be reused.
  7. Define the minimum number of characters.
  8. The user can define the minimum number of characters.
  9. Define upper case characters count, lower case characters count, numeric characters count, and special characters count.
  10. Once all the configuration has been made, click on "Save."

User Impact  

  1. Once the configuration has been made, whether the password change is done on the portal or within the website, the user will be required to create or set a password based on the defined configuration.
  2. We configured for 8 characters minimum and tried to add a password with 3 characters, but it passed an error.