IBM Support

Troubleshooting: FileNet Content Engine Security Authorization

Troubleshooting


Problem

Troubleshooting FileNet Content Engine Security problems should help address common issues with this component before calling IBM® support and save you time.

Resolving The Problem



Tab navigation





Troubleshooting steps to help resolve authorization problems
  1. Was an E_ACCESS_DENIED exception thrown to the client?
    1. Look in the FileNet Content Engine's error log for further information. Find the exception in the error log and the text associated to the exception may contain a description of the cause.
    2. See the description below in step 3 (Was the user unable to see an object that they should?).
  2. Is a user able to see an object when they shouldn't? The root cause of this is the user was granted the view all properties (READ) or modify owner (WRITE_OWNER) right.
    1. Look at the permission's list for the object. Verify that the user, or any group that user belong in, is not being granted the view all properties (READ) or modify owner (WRITE_OWNER) right.
    2. Look at the owner property of the object. When the owner is the user in question they will be granted the modify owner (WRITE_OWNER) right and therefore will be able to see the object.
    3. Look at the permission's list of the ObjectStore. Verify that the user, or any group that user belongs in, is not being granted the set owner of any object (WRITE_ANY_OWNER) right.
  3. Was the user unable to see an object that they should? The root cause of this is the user was not granted the view all properties (READ) or modify owner (WRITE_OWNER) right.
    1. Look at the permission's list of the object. Verify that the user, or any group the user belongs in, was granted the appropriate right and not denied one of the required rights.
    2. If this object has a marking, verify that the view all properties (READ) or modify owner (WRITE_OWNER) right was not denied by that marking. This can occur if the user does not have the Use right on the marking or the deny of the marking included one of the required rights. See the FileNet P8 Documentation at FileNet P8 Administration -> Enterprise-wide Administration -> FileNet P8 Security -> Authorization -> Markings for a full description of how markings work.


What to do Next?
If the preceding troubleshooting steps did not solve your problem, see the MustGather for Authorization problems to continue the investigation.

[{"Product":{"code":"SSNVNV","label":"FileNet Content Manager"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"Content Engine","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"4.0;4.0.1;4.5;4.5.0;4.5.1","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
17 June 2018

UID

swg21308584