Access to composite applications and application components

Portal, Express Beta Version 6.1
Operating systems: i5/OS, Linux,Windows

Access to applications and components

Specify user access to composite applications, application pages, and application components by customizing the default membership roles that are initially displayed in the Roles portlet: Administrators and Users.

The hierarchy of objects

Use the Roles portlet to view, create, edit, and delete the membership roles for a composite application. When you create or edit application membership roles, you specify the levels of access that members in the role have to work with the application (including editing the application and managing its membership), its pages, and its components:

composite application

all application pages

application components

Application access

All members of a composite application can view and use application pages, regardless of their assigned roles. For each role that you define for an application, you can choose one or both of the following additional permissions for Application Access Settings:

Also allow members of this role to edit the application.

Also allow members of this role to manage the membership of the application.

Therefore, all application membership roles are derived from one of three application role types used by portal access control:

Application manager: The membership role permits editing the application and managing the membership of the application.
Application membership manager: The membership role permits managing the membership of the application. The role does not permit editing the application.
Application user: The membership role permits using the application. The role does not permit any level of manager access.

Note: The name of an application membership role does not always imply the permission provided by the underlying application role type. To verify the precise level of access that an application membership role provides, open the Roles portlet in the application: From the application page menu, click Manage Application Roles.

The following table describes the access levels that are available for an application based on the default membership roles, Administrators and Users. You create new membership roles for an application by customizing these predefined roles.

Object	Default Membership Role	Default Access Provided
Application	Administrators	Administrators own the application (Application Owner). By default, this role grants the additional permission Also allow members of this role to edit the application; this option provides Application Manager access to the application. By default, this role also grants the permission Also allow members of this role to manage the membership of the application; this option provides Membership Manager access.
	Users	Users can view all pages of the application and use the application components according to the specified component access levels. If Users have permission to use application templates, they can also create applications from templates. By default, Users do not have the additional access to edit the application and its pages and to manage application membership. You can specify these additional access levels when you customize this membership role.

Object

Default Membership Role

Default Access Provided

Application

Administrators

Administrators own the application (Application Owner).

By default, this role grants the additional permission Also allow members of this role to edit the application; this option provides Application Manager access to the application.

By default, this role also grants the permission Also allow members of this role to manage the membership of the application; this option provides Membership Manager access.

Users

Users can view all pages of the application and use the application components according to the specified component access levels.

If Users have permission to use application templates, they can also create applications from templates.

By default, Users do not have the additional access to edit the application and its pages and to manage application membership. You can specify these additional access levels when you customize this membership role.

Pages and components access

Application users will be able to work with all application pages and each application component according to the level of access that you select in the Pages and Components Access Settings table of the Roles portlet. The default application membership roles provide the access levels shown in the following table:

Object	Default Membership Role	Default Access Provided
All Application Pages	Administrators (Can edit the application and control membership) Users (Can use the application)	Manager (Managers are allowed to create, edit, and delete shared resources.) User (Users are allowed to view portal content.)
application component (portlet)	Administrators Users	Manager (Managers are allowed to create, edit, and delete shared resources.) No access (Cannot access the portlet)

Object

Default Membership Role

Default Access Provided

All Application Pages

Administrators (Can edit the application and control membership)

Users (Can use the application)

Manager (Managers are allowed to create, edit, and delete shared resources.)

User (Users are allowed to view portal content.)

application component (portlet)

Administrators

Users

Manager (Managers are allowed to create, edit, and delete shared resources.)

No access (Cannot access the portlet)

When you create application roles, you change the default settings and select the level of access that you want application users to have when working with all application pages and particular application components. The levels of access that are available for selection are the portal roles that control access rights to portal resources:

No Access

Administrator

Security Administrator

Delegator

Manager

Editor

Contributor

Privileged User

User

To make your selection easy, each access level includes a description next to the portal role name: for example, Editor (Editors are allowed to create and edit shared resources). Parent topic: Working with composite applications

Library | Support | Terms of use |