Authorization for EJB renderings

Security must be enabled in WebSphere Application Server. When an instance of the LocalBusinessProcess or the BusinessProcess session bean is created, WebSphere Application Server associates a session context with the instance. The session context contains the caller's principal. This information is used by both the container and the process engine to check the caller's authorization for each call.

The following reasons for a work-item assignment are used:

These assignment reasons are mapped to authorization authorities:

Special authority is granted to a person with the role of business process administrator. A business process administrator is a special role; it is different from the process administrator of a process instance. A business process administrator has all privileges.

You cannot delete the user ID of the process starter from your user registry while the process instance exists. If you do, the navigation of this process cannot continue. You receive the following exception in the system log file:

no unique ID for: <user ID> 


Related concepts
Required authorizations for process requests
Required authorizations for activity requests



Searchable topic ID:   c6auth
Last updated: Jun 21, 2007 8:07:48 PM CDT    WebSphere Business Integration Server Foundation, Version 5.0.2
http://publib.boulder.ibm.com/infocenter/wasinfo/index.jsp?topic=/com.ibm.wasee.doc/info/ee/wfapi/concepts/c6auth.html

Library | Support | Terms of Use | Feedback