WAS v8.5 > Secure applications > Secure Service integration > Secure service integration > Administer authorization permissions > Administer destination roles

Restoring default inheritance for a destination

Service integration bus security uses role-based authorization. By default, all local destinations inherit access roles from the default resource. If default inheritance has been previously overridden, we can restore it for a selected destination.

Default inheritance has been overridden for a selected secured destination. For more information, see Overriding inheritance from the default resource for a destination.

If default inheritance has been overridden for a particular destination, we can restore it. In this task, we use the dmgr console to restore the role type assignments from the default resource to a selected destination. A destination can only inherit access roles allowed for that particular type of destination. For example, a topic space can inherit the sender and receiver roles, but it cannot inherit the browser role. Inherited access roles are added to any existing access roles for the destination.

  1. Log into the dmgr console.

  2. Click Service integration -> Buses -> security_value -> [Authorization Policy] Manage destination access roles. The Destinations panel lists all the destinations defined for the selected bus.

  3. Select one or more destinations to work with:

    • Click the name of a single destination.

    • Select the check boxes next to multiple destinations, and click Manage Access Roles.

    The Destination access roles panel is displayed. The information for each selected destination is displayed in a collapsed section.

  4. Expand a destination to list the users and groups that have been assigned to roles for this destination.

  5. Select the Inherit from default check box.

  6. Click OK to save your changes.

  7. Save your changes to the master configuration.


Results

The role type assignments for the default resource are inherited by the selected destination. The Destination access roles panel displays the newly inherited default access roles for the destination, and any existing access roles.


Related concepts:

Role-based authorization
Destination security
Bus destinations


Reference:

Access role assignments for bus security resources
Define destination defaults inheritance using wsadmin


Related information:

Add users and groups to destination roles
Remove users and groups from destination roles
List users and groups in destination roles
Disable inheritance from the default resource
Overriding inheritance from the default resource for a destination
Destinations access roles [Settings]
Foreign bus [Settings]


+

Search Tips   |   Advanced Search