IBM FileNet P8, Version 5.2            

Security settings

Default security

Typically, your administrator defines the default security for document classes, folder classes, and custom object classes. Other ways to define default security are through:

If you possess appropriate permissions, you can change the security for an object.

Note: Your administrator can set a site preference that hides security pages when you add or check in documents or add folders. If the security pages are hidden when you add a document or folder, the default security from the document or folder class is applied, and document default security might also be defined by a security policy. When you check in a document, default security comes from the settings applied during the last checkout (reservation object) and from the security policy if one is used with the document. For more information on the reservation object, see About versioning.

Security settings

The basic security page for an object displays a list of the users and groups that have been granted access to the object and shows the permission level granted. From this page, you can view or assign a security policy for the object, or you can add new users and groups or modify the permissions for the existing users and groups.

Note: Administrators can use a different tool to administer security. That tool refers to the security settings as the Access Control List (ACL). The tool also identifies each user and group title and its permissions as an Access Control Entry (ACE).

The following illustration shows the security settings for a document called Timesheet. A security policy is currently assigned to the document and controls the default security. Check marks show the permissions granted to each user or group.

Security example

In some cases, a specific user or group might be listed more than once in the security settings for an item. In these cases, the security settings for the user or group are derived from more than one source. For example, if the user "abrown" has access rights that are inherited, are obtained from a security policy, and are set directly, his user name would be listed three times. In addition, when the optional IBM InfoSphere Enterprise Records expansion product is enabled, the records management settings can apply yet more security to a document. You can click the user or group name to view the details of the settings. An icon, as shown in the following table, denotes the source of the security settings.

Table 1. These icons denote the source of a security setting.
Icon Description
No icon Security settings were directly set (explicit).
Settings derive from folder inheritance Security settings derive from folder inheritance.
Settings propagate to all subfolders Security settings propagate from one folder to all levels of its subfolders.
Settings propagate to next level folder Security settings propagate from one folder down one level to the next subfolder.
Settings derive from security policy Security settings derive from a security policy. (Icon available in Workplace XT only)
Note: A security parent could represent the source of the document's security when inheritance is configured. Inheritance from a parent folder can also apply to folders when adding a new folder. Your administrator defines the rules governing security inheritance.


Feedback

Last updated: March 2013
WcmSecurityAccessSelect002.htm

© Copyright IBM Corporation 2013.
This information center is powered by Eclipse technology. (http://www.eclipse.org)