You might need to limit access to debugging functionality for services in the Inspector in IBM® Process Designer. Use the IBM Business Process Manager configuration file (99Local.xml) to control which users have the ability to debug services.
The following elements in the debug section of the 99Local.xml file enable you to configure debugging functionality for services.
Element | Default setting | Description |
---|---|---|
<enabled>true</enabled> | true | Establishes whether debugging of services is enabled. If set to false , when you attempt to debug a service in the Inspector in IBM Process Designer, IBM BPM simply runs the service without providing any debugging feedback. |
<enforce-debug-role>false</enforce-debug-role> | false | Establishes whether IBM BPM users who do not belong to the Debug group (defined in the following setting) can access debugging functionality. By default, this element is set to false , which allows users who do not belong to the Debug group to access debugging functionality. So, by default, all users have access to debugging for services. If you want to limit access to users who are members of the Debug group, set this element to true . |
<debug-role>Debug</debug-role> | Debug | Specifies the role membership that users must
have in order to access debugging functionality. Only one debug role
can be defined. If one or both of the preceding settings is false (enabled and enforce-debug-role), then this setting has no effect. If both of the preceding settings are true, then:
|
<server merge="mergeChildren">
<debug merge="mergeChildren">
<!-- Indicates whether or not debugging of services is enabled. If this is false then debugging a service will simply run the service, and the
debugging functions will be turned off. -->
<enabled merge="replace">true</enabled>
<!-- Defines whether or not users that do not belong to the debug role can access
debugging functions for services. -->
<enforce-debug-role merge="replace">true</enforce-debug-role>
<!-- Specifies the role a user must be a member of to debug a service. Only one
user role can be defined. If enabled is false, or is enforce-debug-role is
false then this has no effect.
If enabled and debug-role is true, then a user belonging to this role will
have access to debugging functions. A user that does not belong to this
role will not have access to debugging functions, hence the service will run
as it would normally.
If you do not specify any value for the debug role this will disable the
debugging functions.
-->
<debug-role merge="replace">Debug</debug-role>
</debug>
</server>