The TariffShark CPUC architecture consists of 3 tiers: database, application, and client. Clients connect to the application server using usernames and passwords, which are managed within TariffShark CPUC. The application server connects to the database server using either a SQL Server Login or a Windows account created specifically for that purpose. Therefore, TariffShark CPUC application users are not authenticated individually against SQL Server. Instead, they indirectly "share" the same database credentials.
A one-time handshake must be made between all TariffShark CPUC clients and a TariffShark CPUC application server. We call this "client registration". Among other things, the client registration process returns unique encryption keys to the client machine (this is a security measure). In order to protect your TariffShark CPUC application server from accepting random client registrations, a secret key must be supplied by the user when registering. Establishing the secret key is a configuration step when installing and setting up the TariffShark CPUC application server.
TariffShark CPUC users must login to an application server.
Before users may login, however, Security Roles and User Accounts must be configured. TariffShark CPUC ships with one default User Account, which is configured as an administrator. You must use this account to bootstrap your required security configuration as follows:
Update the password on the default administrator User Account so that it is no longer the default password provided with TariffShark CPUC.
Determine who will be your security administrator(s).
Create account(s) for this person/these people and assign them the "Security Officer" role (which is a default Security Role that is provided with TariffShark CPUC).
Your security officer(s) must...
Review the default Security Roles in TariffShark.
Administrator
Configurator
Editor
Publisher
Read Only
Security Officer
Adjust them per your security requirements.
Create new Security Roles per your security requirements.
Create User Accounts per your security requirements.
Tie User Accounts to Security Roles per your security requirements.