MWS B2B access permissions

Hi,

We are in the process if upgrading from wM 8.0 to 9.7.
Now that the TN is deprecated, we are in the process of setting up access for business users on MWS for B2B monitoring activities.

Since TN has no role based access, we are trying to implement that on the MWS.

However, we found that we are not able to get the level of granularity that was expected.

For B2B transactions, we are not able to restrict users from editing data, resubmitting data or even modifying processing rules.

What we are trying achieve is to provide business users with read-only access to the B2B transactions.

When it comes to monitoring of business processes, MWS provides a higher level of control.
We are able to chose between resubmit/modity and resubmit/etc.

With tasks, we have options such as:

  1. Create new rule
  2. Modify rule
  3. Modify rule variables
  4. Delete rule

…all of which can be explicitly controlled.

Is something like this possible for B2B rules and transactions?

Please let me know if I am missing out on something.

I do not see Functional Privileges available for B2B in the Permissions Management section.

Thanks in advance.

I’m not quite sure I fully understand your issue, so please ignore me if my answer is completely off target.

Did you check the permissions on the various security realms for B2B? You can find them at
Folders > Administrative Folders > Administration Dashboard > Configuration > Security Realms Administration, names starting with B2B.

As far as I know, TN itself is not completely deprecated, only the TN console has been deprecated with 8.x and has been removed with 9.x.

Use TN Portal instead of TN Console.

In MyWebMethods log in as Administrator and check for Roles related to TN.
There is also an Administration for B2B there, which means TN in this case, under which you hopefully will find the configuration you are looking for.

Regards,
Holger

Dominik and Holger,

Thanks for your replies.

Here is what I have tried out so far.

  1. Logged in MWS adminitsrator, navigated to Administration -> System-Wide -> Permissions Management and setup the appropriate read-only access for the user. I have also created a specific role to which this user belongs. However, permissions management doesn’t have enough options when it comes to processing rules or other B2B peroperties.

  2. Logged in as SysAdmin, navigated to Folders > Administrative Folders > Administration Dashboard > Configuration > Security Realms Administration, names starting with B2B, as Dominik suggested. This page does give more options on rules, doc types, partner profiles, etc. Here, I set permissions to view-only for the “B2B – Processing Rules_162370480” realm.

I really feel this should do the trick.

But, I noticed a weird behavior.

Any user who is not part of the TN Administrators role, doesn’t get to see ANYTHING on MWS. A message “No server configured.Please contact Administrator” is displayed.
When I add the user back to TN Administrator role, he can again view pages assigned to him.
I have also restricted TN Administrators role to View-only in the realm. But I assume it isn’t applying to it.

So I have 2 questions:

  1. Is it mandatory for all users to be part of TN Administrators role?
  2. And because my users have to be assigned TN administrators role, they are able to edit/delete processing rules?

Thanks, once again!

Also, is there anything to be done on the IS ACL/User management page?

In MWS I see the following 5 roles related to TN/B2B:

  • TN Administrators
  • TN Partners
  • TN MWS Users
  • TN Administrative Preferences (missing in 9.5+)
  • TN Onboarding Users (new in 9.5+)

Can you check if the user works when added to “TN MWS Users”?

Additionally take a look at Trading_Networks_Administrators_Guide.pdf, Chapter 4.

Regards,
Holger

Hi Guys,

Seems like I have found what I needed.

It is part of the data permissions page. I don’t know how I missed out on that.

Once a data set has been set up, the permissions tab allows us to add roles which can access the data set.
The EDIT icon at the end of the row for that role lists out a number of access permission choices as a pop up.

I have attached a screenshots.

Thanks for the suggestions.
DataPermissions.docx (190 KB)