Defining roles within a library
You can define the access of a user or group for a library to determine who has access to a library, and to define access to the different views within the authoring portlet.You must have administrator access to edit web content libraries.
Additive and subtractive methodology:
You can assign roles to both a whole library, and the item types within a library using either an additive or subtractive methodology.
For example, with an additive methodology, you apply the "All Authenticated Portal Users" to the "Contributor" role to the entire library. This grants "All Authenticated Portal Users" access to the library and any authoring portlets configured to use the library. You then apply Editor, Manager, or Administrator roles to specific resource types to grant additional access to specified users or groups.
With a subtractive methodology, you apply the Manager or Administrator role to a user or group to the entire library. You then apply Editor, Contributor, or User roles to specific item types and clear the inheritance check box. This reduces the access to different item types for specified users or groups.
It is good practice to enable propagation from the web content library because this simplifies administering library access and because disabling propagation results in access-related errors.
Assign access permissions to a library and library item types:
- Open the administration portlet.
- Go to Portal Content and then Manage Web Content Libraries.
- Set library access permissions:
- Click
on the library you would like to edit. on the library you would like to edit.
- Click
on the role you would like to edit. on the role you would like to edit.
- Click Add and search for any users or groups you would like to assign to a role.
- Click OK.
- Click Resources to return to the previous view.
- Click Done.
- Click
- Set access permissions to the different library item types. This defines the views and actions that are available from within the authoring portlet:
- Click
on the library you would like to edit. on the library you would like to edit.
- Click on the role you would like to edit. on the role you would like to edit.
- Click Add and search for any users or groups you would like to assign to a role.
- Click OK.
- Click Resources to return to the previous view.
- Click Done.
- Click
Item-level security inheritance:
By default, each role's access is automatically inherited down to each item in a library. To prevent a user or group from automatically having inherited access to an item, you need to turn off inheritance on that item.
The permissions set for item types in a library do not automatically give you access to individual items. They only give you access to specific tasks and views within the authoring portlet.
To disable automatic inheritance you, specify the following property in the WCM WCMConfigService service using the IBM WAS administration console:
- Property name: default.inherit.permissions.enabled
- Value: false
You need to restart WebSphere Portal to enable any configuration changes.
Parent
Web content library managementRelated
Develop an access control strategy
Previous
Set service configuration properties
Related reference
| | |
| 2 KB | permissions.jpg | 12/14/11 5:29 PM | |||||||||
| 2 KB | edit.jpg | 12/14/11 5:29 PM | |||||||||
| 1 KB | keydoc.jpg | 12/14/11 5:29 PM | |||||||||
| 2 KB | ATTZODCF | 12/14/11 5:29 PM |
});