Security must be enabled in WebSphere Application Server. When an instance of the BusinessProcess message-driven bean (MDB) is deployed, the role MDBUser role must map to a specific user ID. This user ID is used by both the business process container and the process engine to check the caller's authorization for each request.
The following authorization authorities are needed:
Request | Required authorization |
---|---|
forceTerminate | process administrator |
sendEvent | potential activity owner or process administrator |
Special authority is granted to a person with the role of business process administrator. A business process administrator is a special role; it is different from the process administrator of a process instance. A business process administrator has all privileges.
You cannot delete the user ID of the process starter from your user registry while the process instance exists. If you delete this user ID, the navigation of this process cannot continue. You receive the following exception in the system log file:
no unique ID for: <user ID>