Sample: Access control policies for development purposes
The following access control policy samples show you how some basic access control policies can be used in the development environment, so that you can quickly test new resources. They are not designed to be used as-is on a WebSphere Commerce production environment, as they do not provide adequate resource protection.The following samples are provided:
- Sample: Access control policy for new views
If you create a new view, use the following access control policy so that you will be able to test the new view in your development environment (modify the policy for your environment and load it using the acpload utility).- Sample: Command-level access control policy for new controller commands
Controller commands require access control policies in order to meet the requirements of the access control framework. If you create a new controller command, the name of the command's interface is specified as a resource. The following XML snip can be modified for your new command and loaded using the acpload command:- Sample: Resource-level access control policy for a new entity bean
The following XML file can act as a template for access control requirements when you create new entity beans. In the case of the following file, the new entity bean is called the Bonus bean, it corresponds to the XBONUS database table, and it gets used by the MyNewControllerCmd controller command. In this access control policy, only the creator of a bonus bean object can perform the MyNewControllerCmd action upon that object.Related concepts
Understanding access controlRelated tasks
Implementing access control
Create an access control policy
Define access control policy elements using XML