How to effectively manage large number of users in web applications: user groups vs. application roles in Arnica UnifiedLogon
April 12, 2012 by Igor Lozhkin
In Arnica UnifiedLogon
both user groups and application roles have the same two purposes: group users for various purposes and manage application access.
The difference between the two lies in how they are defined. User groups are defined globally, on system level. Application roles are defined locally for each application. In other words, application roles maybe defined as application-specific user groups.
Typically, user groups are set up to be used by many applications, or they may be created for other purposes unrelated to any application activity, e.g.: Power Users, Mailing Recipients, Customers, Vendors, etc.
Application roles are set up for each application and would most likely be related to the features of a particular application, e.g. application 'Campaign Management' may have such roles as Campaign Administrators, Campaign Volunteers, etc.
Both user groups and roles may be referenced by any application, and roles defined within application A may be referenced within application B.
allows creating an unlimited number of user groups and application roles. We recommend assigning application roles to users whenever possible, thus keeping the global user group list within manageable limits.
Application roles are created and accessed from the application properties page: