![]() Operating systems: i5/OS, Linux,Windows |
You define the role of a user or group for each item type used within a library. The roles determine the default library access of a user or group, as well as defining different access to individual tasks and views within the authoring portlet.
You assign users and groups to the following roles:
Roles | Rendering and authoring portlet access rights |
---|---|
| Users and groups assigned to this role can:
|
| Users and groups assigned to this role can:
|
| Users and groups assigned to this role can:
|
| Users and groups assigned to these roles can:
|
| Users and groups assigned to these roles can:
|
| These roles have no access to Web Content Management items. |
Although Manager and Administrator roles have the similar permissions per item type, if you assign an Administrator role to an entire library, you cannot then remove this role from any item type views. This is not true for a Manager role.
Note: IBM® WebSphere® Portal Express AdministratorsWebSphere Portal Express Administrators automatically have Administrator access to all item-types.
When accessing a Web Content Management Web Site or Rendering Portlet, users login as either anonymous users, or authenticated portal users.
The following pre-defined groups can be assigned roles in a library.
Anonymous portal user | Select this user to assign a role to anonymous users. |
All Authenticated Portal Users | Select this group to assign a role to users that require to log on to your server. |
Users and User Groups | Select this group to assign a role to all users and groups. |
All Portal User Groups | Select this group to assign a role to all groups. |
You can assign roles to both a whole library, and the item types within a library using either an additive or subtractive methodology.
For example, with an additive methodology, you apply the "All Authenticated Portal Users" to the "User" role to the entire library. This will give "All Authenticated Portal Users" access to the library and any authoring portlets configured to use the library. You then apply Contributor, Editor, Manager or Administrator roles to specific resource types to grant additional access to specified users or groups.
With a subtractive methodology, you apply the Manager or Administrator role to a user or group to the entire library. You then apply Editor, Contributor or User roles to specific item types and deselect the inheritance check-box. This reduces the access to different item types for specified users or groups.
By default, each role's access is automatically inherited down to each item in a library. To prevent a user or group from automatically having inherited access to an item, you will need to turn off inheritance on that item.
The permissions set for item types in a library do not automatically give you access to individual items. They only give you access to specific tasks and views within the authoring portlet.
To disable automatic inheritance you edit the WCMConfigService.properties file located in the was_profile_root/PortalServer/wcm/config/ directory. To disable automatic inheritance, set this value to "false":default.inherit.permissions.enabled=false
You will need to restart WebSphere Portal to enable any configuration changes made to this file.
Parent topic: Working with libraries Parent topic: Customizing an authoring portlet Parent topic: Developing an access control strategy Related concepts