"Security groups" allow for fine-grain permission checking, on a user-by-user basis, across an entire OFBiz web application ("webapp"). If you have webapps needing protection based on a user's permissions—that is, a user's authorization to perform various business processing tasks—and not just login authentication, then using security groups may be the answer.
To protect an OFBiz webapp using security groups, proceed as described here:
ofbiz-component.xmlfile for the component containing the webapp to be secured, add one or more security groups using the
base-permissionattribute. To add multiple security groups, separate each group name with a comma (","). In the following example, ...