Security
InterSystems security features control the use of Studio, the ability of Studio to connect to any InterSystems server, and support for SSL/TLS-protected connections. When you start Studio, it presents a login screen; to use Studio, you must log in as a user who holds the following privileges:
-
%Development:Use - Use permission on the %Development resource grants access to various development-related resources.
-
%Service_Object:Use - Use permission on the %Service_Object resource grants access to the %Service_Bindings service, which controls access to Studio.
Also, you can connect to a namespace only if you have Read or Write permission for its default database.
The way in which a user is granted these various privileges depends on the instance’s security level, as described in the following list.
-
For an instance with minimal security, all users, including UnknownUser, have all privileges and access to all namespaces. When presented with the Studio login screen, either leave the Username and Password fields blank or enter _SYSTEM and SYS as the username-password pair.
-
For an instance with normal security, you must be explicitly granted the specified privileges. This is established by being assigned to a role or roles that holds these privileges.
-
For an instance with locked-down security, the service that governs access to Studio (%Service_Bindings) is disabled by default. By default, no user has access to Studio.
To change Studio authentication settings:
-
Use the InterSystems IRIS launcher to open the Management Portal.
-
Select System Administration > Security > Services.
-
Click Go in the View or edit service definitions section.
-
Click %Service_Bindings.
-
Select or clear the check boxes under Allowed Authentication Methods.
Note:
Studio access may also be affected by any changes to default settings that have occurred since installation.
