Actions that you can take on business processes depend on your authorization role. This role can be a J2EE role or an instance-based role.
A role is a group of employees who share the same level of authority. Java™ 2 Platform, Enterprise Edition (J2EE) roles are set up when the business process container is configured. Instance-based roles are assigned to processes and activities when the process is modeled. Role-based authorization requires that global security is enabled in WebSphere® Application Server.
You can use the administrative console to change the assignment of users and groups to these roles.
A process instance or an activity is not assigned directly to a staff member in the process model, instead it is assigned to one of the available roles. Any staff member that is assigned to an instance-based role can perform the actions for that role. The association of users to instance-based roles is determined at runtime using staff resolution.
The following instance-based roles are supported:
These roles are authorized to perform the following actions:
Role | Authorized actions |
---|---|
Activity reader | View the properties of the associated activity instance, and its input and output messages. |
Activity editor | Actions that are authorized for the activity reader, and write access to messages and other data associated with the activity. |
Potential activity owner | Actions that are authorized for the activity reader. Members of this role can claim the activity, and send messages to receive or pick activities. |
Activity owner | Work on and complete an activity. Members of this role can transfer owned work items to an administrator or a potential owner. |
Activity administrator | Repair activities that are stopped due to unexpected errors, and force terminate long-running activities. |
Process starter | View the properties of the associated process instance, and its input and output messages. |
Process reader | View the properties of the associated process instance, its input and output messages, and everything that the activity reader supports for all of the contained activities but not those of the subprocesses. |
Process administrator | Members of this role can administer process instances and intervene in a process that has started; create, delete, and transfer work items. Members of this role also have activity administrator authorization. |
no unique ID for: <user ID>
Last updated: Tue Feb 21 17:19:17 2006
(c) Copyright IBM Corporation 2005.
This information center is powered by Eclipse technology (http://www.eclipse.org)