Item Security
Overview
Various levels of access can be given to WCM Items.
Note that Profiling is different from using security. In a Profile based personalized Site, although a User may not be able to access all the pages via personalized Menus, they may still be able to access other pages by using Navigators, or by searching for Content. In a Secured Site, a User can only view items that they have been granted access to.
Item Security is set in the Security section of item Forms.
Live Allows a User or Group to:
- View an item in the "Live" web site.
Read Allows a User or Group to:
- View an item in the Authoring Portlet.
- View an item in the "Live" web site.
Edit Allows a User or Group to:
- Edit an item.
- View an item in the Authoring Portlet.
- View an item in the "Live" web site.
Delete Allows a User or Group to:
- Delete an item.
- Edit an item.
- View an item in the Authoring Portlet.
- View an item in the "Live" web site.
Workflow Security
Users and groups can also be given different access levels during a Workflow Stage. (These are specified in the Properties section of the Workflow Stage, not the Security section.) Workflow security uses the same levels as item security with the addition of "approve".
Approve Allows a User or Group to:
- Approve an item within a Workflow.
- View an item in the Authoring Portlet.
- View an item in the "Live" web site.
The access that is set in Security section does not overrule access rights set in a Workflow Stage or vice versa. This means that if a User has only Read access to an item, but Edit/Read access in a Workflow Stage, they will be able to edit the item during that Workflow Stage. In most cases, the minimum level of security should be set at the item level. Additional access can then be granted within different Workflow Stages.
Where Security is Set
When a new item is created, the creator is automatically given full access to the item; live, read, edit and delete. If an item is participating in a Workflow, these security settings are only applied to the first stage of a Workflow.
Viewing an Item's Security Settings
The following sections are displayed on the Security section of each item.
User-Defined If the item is not participating in a workflow, the User can edit access under User-Defined. A User only has access to edit User-defined access up to the same level as the User-defined access they have for that item. E.g., A User with Read Access can edit the User-defined security for Live and Read access, but not for Edit or Delete access.
Workflow If an item is participating in a Workflow, then the User-Defined option does not appear and the Workflow settings are displayed. This cannot be edited. Workflow-defined access is set in Workflow Stages. System-Defined Administrators can edit User access to an item at any time by changing the System-Defined settings. Effective The absolute access to an item is displayed under Effective. This displays the cumulative Security of User-defined plus Workflow-defined plus System-defined.
Restricting "Live" access to anonymous or authenticated users
When accessing a WCM Web Site or Rendering Portlet, users login as either anonymous users, or authenticated portal users.
- If you would like to grant anonymous access to WCM items, select the user called "anonymous portal user".
- If you would like to grant access to WCM items only to authenticated users, select the group called [all authenticated portal users].
- If you would like to grant access to WCM items to all users, select the group called [all users].
These selections are available in the "live" security dialog in WCM items. You do not need to create or edit them in WebSphere Portal.
Parent topic: Access and Security.
IBM Workplace Web Content Management - V5.1.0.1 -
Workplace Web Content Management is a trademark of the IBM Corporation in the United States, other countries, or both.
IBM is a trademark of the IBM Corporation in the United States, other countries, or both.