Security

JUMMP uses Spring Security as the Authentication framework and the Authentication object. Users can be assigned roles. Read and write access to models can be given based on the user, or a role associated with the user.

Registration

Users can register on Jummp using the 'register' link. This takes a user to a form where information is taken about the user. The form includes mechanisms to prevent spam including a captcha. If registration is successful (i.e. information supplied is validated, and the username is distinct) then a password is generated for the user, and emailed to them. This is second measure to prevent spambots from registering by requiring a functional email account.

Alternatively, admins can create user accounts by clicking on User Management from the home page, and clicking the add user icon as shown in the image below. The mechanism that follows is similar to the user registration mechanism (a password is generated for the user and emailed to them).

User Management

In addition to creating users, admins can manage various aspects of a user's accounts. This includes enabling and locking accounts, and expiring accounts and passwords.

Furthermore by clicking on a particular user's id it is possible to edit details about the user, and assign or remove roles from their account.