WAS v8.5 > Secure applications > Secure Service integration > Secure service integration > Administer authorization permissions > Administer destination rolesOverriding inheritance from the default resource for a destination
Service integration bus security uses role-based authorization. By default, local destinations can inherit access roles from the default resource. If we do not want users and groups in the default access role to access a particular destination, we can override default inheritance for a selected destination.
All the destinations in a local bus namespace can inherit default access roles with the following exceptions:
- A destination for which default inheritance is overridden.
- Foreign destinations.
- Alias destinations that have an alias bus name not the local bus name.
In this task, we use the dmgr console to override default inheritance for a selected destination. This means the users or groups that belong to the default access role can no longer access the selected destination.
- Log into the dmgr console
- Click Service integration -> Buses -> security_value -> [Authorization Policy] Manage destination access roles. The Destination panel lists all the destinations defined for the selected bus.
- Select one or more destinations to work with:
- Click the name of a single destination.
- Select the check boxes next to multiple destinations, and click Manage Access Roles.
The Destination access roles panel is displayed. The information for each selected destination is displayed in a collapsed section.
- Expand a destination to list the users and groups that have been assigned to roles for this destination.
- Clear the Inherit from default check box.
- Click OK to save your changes.
- Save your changes to the master configuration.
Results
The inherited role type assignments are removed from the selected destination. The Destination access roles panel displays the updated access roles for the destination.
Related concepts:
Role-based authorization
Destination security
Bus destinations
Reference:
Access role assignments for bus security resources
Define destination defaults inheritance using wsadmin
Related information:
List users and groups in destination roles
Add users and groups to destination roles
Remove users and groups from destination roles
Restoring default inheritance for a destination
Destinations access roles [Settings]
Foreign bus [Settings]