By default, administrators are permitted to obtain and
view task instance data regardless of whether they own the associated
tasks. However, you can control administrator access to task instance
data by adding the authorization-enabled-for-admins-to-get-set-task-data configuration
setting to the 100Custom.xml files.
About this task
If the authorization-enabled-for-admins-to-get-set-task-data configuration
setting is not set, or is set with the value admins,
administrators can obtain and view task instance data. If the configuration
setting is set with the value noadmins, administrators
are prevented from accessing task instance data.
Procedure
To add the configuration setting to the 100Custom.xml file,
complete the following steps:
- Stop the server for IBM® Workflow
Server or Workflow Center.
- Open each 100Custom.xml file. For
information about the individual 100Custom.xml files
that need to be updated and their locations, see the topic Location of 100Custom configuration files.
- In each 100Custom.xml file, add the authorization-enabled-for-admins-to-get-set-task-data setting.
For example, to prevent administrators from accessing task instance
data, add the following elements under the
<properties>
element:
<server>
<portal>
<authorization-enabled-for-admins-to-get-set-task-data merge="replace">noadmins
</authorization-enabled-for-admins-to-get-set-task-data>
</portal>
</server>
- In each 100Custom.xml file, save your
changes.
- In a browser, open each 100Custom.xml file
to ensure that it contains no special characters.
- Complete one of the following steps:
- In a clustered environment, ensure that the changes are propagated
to the nodes by forcing a synchronization and restarting the deployment
environment.
- In a stand-alone server environment, restart the server.