The Organization Administration Console allows you to make simple changes to access control policies and their parts. To make more sophisticated changes, edit the XML files directly, and then load them into the database.
Before you begin making changes to the XML files for access control, you should read the topics Access Control and Create an access control policy. These topics provide a technical overview of access control and explains how to create customized commands, entity beans, and JSP templates that can be protected by access control policies.
Once you have finished the code customization, you can edit the XML files for access control to establish the protections you require.
The following changes can only be made by editing and then loading the appropriate XML files:
- Create or modifying an action
- Create or modifying a relationship
- Create or modifying a relationship group
- Create or modifying a resource
- Create or modifying attributes
- Create or modifying access groups using complex criteria
- Create or modifying resource groups using complex criteria
- Create a role-based policy for views
- Change the action group in a role-based policy for views
- Create or modifying a policy group
- Associating policies with policy groups
You can manipulate the XML files to perform the following authorization tasks:
- Protecting views
- Protecting controller commands
- Protecting resources
- Protecting data beans
- Grouping resources by attributes
- Define relationships
- Define relationship groups
- Define access groups
- Define policies
Authorization
Understanding access control
Customizing default access control policies
Implementing access control
Examples: Customizing access control policies using the Organization Administration Console
Access control files
Default access control policies
Default access control policy groups
Sample: Access control policies for development purposes