Enterprise security applies to all teamspaces. It is typically defined by the site administrator and it cannot be changed or modified by teamspace members. See Example Collaboration Enterprise Security Definitions.xml file for an example.
The enterprise security file controls the following:
Enterprise security is a set of permissions defined for specific enterprise users and/or groups. This enterprise level of security is directly applied to collaboration objects in addition to any teamspace inherited permissions. The purpose of enterprise level security is to provide a policy that ensures that persistent objects have a default set of permissions. Enterprise groups and users specified in this configuration file are added to all teamspaces as Enterprise Members. Permissions and subjects are defined in a configuration file, Collaboration Enterprise Security Definitions.xml.
The Example Collaboration Enterprise Security Definitions.xml file shows the required enterprise security definition for collaboration. Enterprise groups and users specified in this configuration file are added to all teamspaces as Enterprise Members. The file defines the security policy for teamspaces.
The following table lists the available XML tags for teamspace security:
XML Tag |
Use |
enterprise-subject |
An element that specifies an enterprise security subject and assigns access rights to the subject. |
enterprise-subject/name |
A string that defines the name for the enterprise security subject, must match LDAP/AD. Note that the administrator must edit the <name> value to be a fully-qualified domain name in the enterprise. For example, on SunOne the entry would look like this: For Active Directory the entry would look like this: |
enterprise-subject/type |
A string that defines the type of enterprise security subject, GROUP or USER. |
enterprise-subject/accessalias |
A string that contains a reference to an access alias element defined in the Collaboration Access Alias Definitions.xml file. Low-level access rights are defined there. |
Teamspace templates allow users to save best practice examples of teamspaces so that other users can base their work on them. Users must have at least read access to the teamspace templates to be able to create new teamspaces from them. The purpose of the teamspace templates security is to provide a policy for who may access teamspace templates. By default, all authenticated users can view teamspace templates.
The Example Collaboration Enterprise Security Definitions.xml file shows the teamspace template security. Specifically, the code enclosed within the <required-template-security> tags defines the security rights granted to #AUTHENTICATED-USERS (which is view rights, by default).
The following table lists the available XML tags for teamspace template security:
XML Tag |
Use |
enterprise-subject |
An element that specifies an enterprise security subject and assigns access rights to the subject. |
enterprise-subject/name |
A string defines the name for the enterprise security subject, must match LDAP/AD. |
enterprise-subject/type |
A string that defines the type of enterprise security subject, GROUP or USER. |
enterprise-subject/accessalias |
A string that contains a reference to an access alias element defined in the Collaboration Access Alias Definitions.xml file. Low-level access rights are defined there. |