In the authentication module of this tutorial, you created two users: operator1 and admin1. You can assign varying permissions to these users with Java™ Authentication and Authorization Service (JAAS) authorization.
grant codebase http://www.ibm.com/com/ibm/ws/objectgrid/security/PrivilegedAction
Principal com.ibm.ws.security.common.auth.WSPrincipalImpl "defaultWIMFileBasedRealm/operator1" {
permission com.ibm.websphere.objectgrid.security.MapPermission "Grid.Map1", "read";
};
grant codebase http://www.ibm.com/com/ibm/ws/objectgrid/security/PrivilegedAction
Principal com.ibm.ws.security.common.auth.WSPrincipalImpl "defaultWIMFileBasedRealm/admin1" {
permission com.ibm.websphere.objectgrid.security.MapPermission "Grid.Map1", "all";
};
In this file, the http://www.ibm.com/com/ibm/ws/objectgrid/security/PrivilegedAction codebase is a specially reserved URL for ObjectGrid. All ObjectGrid
permissions that are granted to principals should use this special
code base. The following permissions are assigned in this file: In this lesson, you configured authorization by assigning permissions to specific users.