Topic
1 reply Latest Post - ‏2011-07-06T18:24:47Z by idh
WS7Newbie
WS7Newbie
5 Posts
ACCEPTED ANSWER

Pinned topic Fine-grain Access Controlling WSDLs in WSRR 7.0

‏2011-07-06T17:55:38Z |
I am trying to configure fine-grained access control for WSDL Documents loaded in WSRR 7.0.

To test this, in the Configuration perspective, I created a new role and the only permissions I gave it was for retrieving a WSDL with a certain name (e.g. XPATH Target= /WSRR/WSDLDocument).

I also removed all authenticated users in the other default roles present in WSRR's Governance Enablement Profile. However, when I login to WebUI using the said user I can only see the Configuration Perspective and I can even modify roles and permissions which does not make sense at all. The infocenter's information are not very detailed as well.

Does anybody have an idea how to implement fine-grained access control in WSRR? Any links for some samples on how to do it?

Thanks.
Updated on 2011-07-06T18:24:47Z at 2011-07-06T18:24:47Z by idh
  • idh
    idh
    2 Posts
    ACCEPTED ANSWER

    Re: Fine-grain Access Controlling WSDLs in WSRR 7.0

    ‏2011-07-06T18:24:47Z  in response to WS7Newbie
    Hi,
    If you haven't done so already I would suggest looking at the security chapter (7) in the following redbook - http://www.redbooks.ibm.com/abstracts/sg247793.html
    I suspect from your description that you need to remove the AllAuthenticated role from the J2EE Administrator role for the Service Registry application in WebSphere Application Server. This is covered in the redbook.
    FYI - If you would like this new role to have access to one of the out of the box UI perspectives you will also need to add this role to the relevant XML file for the given perspective (e.g. GEPBusinessPerspective.xml).
    Thanks,
    Ian