Configuring Viewpoint > Configuring security in Viewpoint > Setting permissions for the Viewpoint User Management page

2.5 Setting permissions for the Viewpoint User Management page

To set permissions for the Viewpoint User Management page

  1. Verify that ViewpointLoginModule is your authentication module (for details, see Configuring login modules), and not LDAP or SSO.
  2. Give the following permissions to any user that should have access to the User Management page (for more information, see Setting permissions):
    3. Permission Reason
    user.readall Needed to see the User Management page.
    user.add Needed to add a new user.
    user.updateall Needed to modify a user or change a user's password.

    Do not grant any of the user.* permissions to average users. A secure core.xml configuration of user permissions should look like the following example:

    <config>
   ...
     <security>
       ...
         <permissions-map>
             <principal type="ViewpointRolePrincipal" name="user">
                <role name="user" />
             </principal>
             <principal type="ViewpointRolePrincipal" name="admin">
                <role name="admin" />
             </principal>
         </permissions-map>
         <role-definitions>
             <definition name="user">
                 <permission name="node.create" />
                 <permission name="node.read" />
                 <permission name="node.update" />
                 <permission name="node.delete" />
              ...
             </definition>
             <definition name="admin">
                 <permission name="user.*" />
             <role name="user" />
             </definition>
         </role-definitions>
       ...
     </security>
   ...
</config>

    In the above example, the administrator has permission to view, manage, and add users, while an average user has none of those privileges.

  3. Require the user.readall permission when creating a menu item for the User Management page in core.xml.
  4. Add a link to User Management in an Administration menu by adding the following in core.xml:
    5. <nav-menu>
  ...
   <menu label="Administration">
     ...
      <link href='page://UserManagement' target='thisWindow' label='User Management'>
         <permission name="user.readall" />
      </link>
     ...
   </menu>
  ...
</nav-menu>

Related topics 

 

© 2012 Adaptive Computing