Java EE roles for BPEL processes

IBM BPM, V8.0.1, All platforms > Securing IBM BPM and applications > Security in human tasks and BPEL processes > Authorization roles for BPEL processes
Java EE roles for BPEL processes

Java EE roles are set up when Business Process Choreographer is configured. For Java EE role-based authorization, you must have a user registry configured and application security enabled.
The following Java™ Platform, Enterprise Edition (Java EE) roles are supported for processes:

BPESystemAdministrator. Users assigned to this role have all privileges. This role is also referred to as the system administrator for BPEL processes.
BPESystemMonitor. Users assigned to this role can view the properties of all BPEL process objects. This role is also referred to as the system monitor for BPEL processes.
JMSAPIUser. Business Flow Manager JMS API requests are run on behalf of the user ID this role is mapped to, regardless of who the caller is.

You can use the administrative console to change the assignment of users and groups to these roles.
You can use Security Authorization Facility (SAF)-based authorization (for example, using the RACF EJBROLE profile) to control access by a client to Java Platform, Enterprise Edition (Java EE) roles in EJB and enterprise applications, including the process container.

Authorization roles for BPEL processes

Related information:

Mapping users to the system administrator role
Mapping users to the system monitor role
Commands to implement roles and user assignments