Tutorials > Management Center > Add new properties to a WebSphere Commerce service using the data service layer
Create an access control policy to secure the new information
The previous step created a new access profile, MyCompany_All. By default, only the users with a site administrator role will have access to this new data. In this step we will update the Catalog service access control policy to state that all users have access to view this data.
The new policy defines a new action for the MyCompany_All access profile and adds the new action to the CatalogEntry all users group. The access profiles for Change, Process, and Sync are only run after the access control check on the Change, Process, or Sync action.
Tip: Although the previous step of the tutorial also created the MyCompany_CatalogEntry_Update and MyCompany_CatalogEntryDescription_Update access profiles, only those access profiles used by Get commands need to be explicitly registered.
Procedure
- Create the following file: WCDE_INSTALL\xml\policies\xml\MyCompanyCatalogAccessControlPolicies.xml
- Copy and paste the following access control policy XML into this file:
<Policies> <Action Name="GetCatalogEntry.MyCompany_All" CommandName="GetCatalogEntry.MyCompany_All"/> <ActionGroup Name="Catalog-CatalogEntry-AllUsers-AccessProfileActionGroup" OwnerID="RootOrganization"> <ActionGroupAction Name="GetCatalogEntry.MyCompany_All"/> </ActionGroup> </Policies>
- Run the acpload command to load the access control policy:
- Open a command prompt and navigate to WCDE_INSTALL\bin
- Run the following command: acpload MyCompanyCatalogAccessControlPolicies.xml
Usage: acpload <database name> <database user> <password> <input xml filename (NON-NLS)> <schema name>
Example: acpload ORCL user userpwd defaultaccesscontrolpolicies.xml user