Multiple groups - one group per application

In this example, a user can be member of multiple groups and a separate distinct group is used to define authorizations for each application. This example is based on the following conditions:
  • The three basic users are a member of only one of these user groups.
  • A super user has permissions for each application.
  • An administration user has permissions for all applications and also has administration privileges for each application.
The group memberships that support these conditions are shown in the following table.
Table 1. Group memberships for the multiple groups - one group per application example in the multiple applications scenario
User Group memberships
basicUserA FTMUserApp1
basicUserB FTMUserApp2
basicUserC FTMUserApp3
superUser
  • FTMUserApp1
  • FTMUserApp2
  • FTMUserApp3
adminUser
  • FTMUserApp1
  • FTMUserApp2
  • FTMUserApp3
  • FTMAdmin
In the Operations and Administration Console (OAC) enterprise application in WebSphere® Application Server, map the following groups to FTM.Role.Logon:
  • FTMUserApp1
  • FTMUserApp2
  • FTMUserApp3
Alternatively, you can also:
  1. Create an FTMLogon group.
  2. Assign all users to the group FTMLogon.
  3. Map the FTMLogon group to FTM.Role.Logon.