<?xml version="1.0" encoding="UTF-8"?> <!-- --> <request xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="PortalConfig_1.4.xsd" type="update" create-oids="true"> <!-- Sample for setting access control on resources --> <portal action="locate"> <!-- Virtual resources allow you to set access control on all resources of a certain type. The following example assigns the administrator privileges on all user groups --> <virtual-resource name="USER_GROUPS" action="update"> <access-control> <role actionset="Administrator" update="set"> <mapping subjectid="wpsadmin" subjecttype="USER" update="set"/> </role> </access-control> </virtual-resource> <!-- Set access control on a portlet - the portlet is not redeployed. The same syntax can be used to set access control on a new deployed portlet --> <web-app action="locate" uid="com.ibm.wps.portlets.welcome"> <portlet-app action="locate" uid="com.ibm.wps.portlets.welcome.1"> <access-control> <!-- The user role should not automatically propagate to portlets in this application. --> <role-block type="propagation" actionset="User"/> </access-control> <portlet action="update" active="true" name="Welcome Portlet"> <access-control> <!-- Remove all role blocks on this resource. --> <role-block type="none"/> <role actionset="Administrator" update="set"> <!-- depending on directory used, the DN must be changed --> <mapping subjectid="uid=wpsadmin,o=default organization" subjecttype="USER" update="set"/> </role> <role actionset="Privileged User" update="set"> <mapping subjectid="all authenticated portal users" subjecttype="USER_GROUP" update="set"/> </role> <role actionset="User" update="set"> <mapping subjectid="anonymous portal user" subjecttype="USER" update="set"/> </role> </access-control> </portlet> </portlet-app> </web-app> <!-- Set access control on a page - the layout of the page is not modified. The same syntax can be used to set access control on a new created page. --> <content-node action="update" uniquename="ibm.portal.SamplePage"> <access-control> <!-- The manager role should not be inherited automatically from parents of this page. --> <role-block type="inheritance" actionset="Manager"/> <!-- The manager role is set explicitly on this page. --> <role actionset="Manager" update="set"> <mapping subjectid="wpsadmin" subjecttype="USER" update="set"/> </role> <role actionset="User" update="set"> <mapping subjectid="anonymous portal user" subjecttype="USER" update="set"/> </role> </access-control> </content-node> </portal> </request>