Adding users and groups to default roles

Service integration bus security uses role-based authorization. By adding selected users and groups to the default roles for all the local bus destinations on a secured bus, you provide those users and group members with access to the local bus destinations that are allowed to inherit default roles.

Before you begin

If a bus destination is not allowed to inherit the default roles, you must first add the user or group to the role that grants authorization permission for the specific local destination. For more information, see Adding users and groups to destination roles.

About this task

The default roles are sender, receiver, creator and browser. In this task you use an administrative console wizard, the Security wizard, to add selected users or groups to the default roles. The Security wizard requests information to enable it to retrieve selected users or groups from the potentially very large number of users and groups in the user repository.

Procedure

  1. Log onto the administrative console.
  2. Click 服務整合 -> 匯流排 -> security_value -> [授權原則] 管理預設存取角色. The Default access roles panel is displayed.
  3. Expand the Default access header to list the users and groups that have been assigned to default access roles.
  4. Click Add to start the Security wizard. The wizard takes you through the following steps to add selected users or groups to default access roles:
    1. Search for the users or groups that you want to add to default access roles:
      Users or Groups
      Select either Users or Groups to specify whether you want to grant access roles to users or groups.
      Search pattern
      This field is mandatory. Specify a search string that is matched against user IDs or group names in the user repository. Only user IDs or group names that match the search pattern are retrieved, subject to the maximum number of search results. Wildcard characters are allowed.
      Maximum number of search results to display
      This field is mandatory. Specify the maximum number of user IDs or group names you want the administrative console to display.
    2. Click Next. The wizard displays the users or groups in the user repository that match the information that you provided in the previous step.
    3. Select the check boxes next to the user IDs or group names that you want to add to the default access roles, and click Next. A list of user IDs or group names that you can add to the default access roles is displayed. Note that some users or groups might already be assigned to default access roles.
    4. Select the role types that you want to assign to a user or group. For example, to assign a group to the sender role, click the sender icon for the appropriate group name. 圖示從 這是未指派角色類型的圖示。它是含邊框的空白框。改成這是已指派角色類型的圖示。它在框中含有勾號。 顯示您已新增使用者或群組到資源的存取角色中。
    5. Complete the previous step for each user or group that you want to add to access roles, and then click Next. A summary of your role type assignments is displayed.
    6. Optional: Click Previous to review and change your assignments, if required.
    7. Click Finish to confirm your assignments. The Default access roles panel is redisplayed and shows the new role type assignments.
  5. 儲存對主要配置所做的變更。

Results

The selected users and groups are added to selected default roles for the selected bus.

指出主題類型的圖示 作業主題



時間戳記圖示 前次更新: July 9, 2016 11:12
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=default_roles_add
檔名:default_roles_add.html