restricting access in admin console

Hi,

I am having two questions related to admin console:

1.Is it possible to restrict access to specific users in admin console for deleting/ enabling etc…of pacakges. (relating to package management).

For eg:- In production scenario, the users should not have access to edit or delete the packages but he should be able to view it.

  1. How to remove access to DSP pages in admin console specific to users? Suppose for an user if it is needed to give access to server/error logs, then for all other DSP pages, access should be denied.

Thanks in advance…

Regards,
Shriraksha A.N

  1. Create a new package.
  2. Copy all the DSP files from the C:\SoftwareAG\IntegrationServer\packages\WmRoot\pub folder to the newly created package\pub directory.
  3. Identify the pages that you want read only access,the pages that you do not want etc and edit the pages.
  4. Now after the changes go to the below URL and test the access for pages.
    http://localhost:5555/myPackageName/

Note:
Make sure you create a new user for this read only home page and add it to the .access file. For reference see the IS ReadonlyAdmin package (6.5 version) in the sharware section on wmusers.

Cheers,
Akshith

Hi,

Thanks for the response.

The procedure that you have told is somewat confusing. After copying all the DSP pages from the wmRoot to the custom package pub folder, what needs to be done?. What is the meaning of editing the DSP pages after identifying read only DSP pages.

Also, in .access file we will mention ACL for corresponding DSP pages for restricted access. But, it is like we need to mention the ACL for which the access needs to be given, not for the ACLs for which access needs to be restricted. So, it there are many ACLs and for one ACL, if the access needs to be restricted, then all ACLs expect one needs to be mentioned against corresponding DSP page. Also I am encountering a problem when I mention multiple ACLs. Its working only for last ACL. Please let me know if u know any other way of accomplishing this.

The package IS ReadOnly Admin package is for wm6.5, but I need to implement it in 7.1.

Regards,
Shriraksha A N

After copying all the DSP pages from the wmRoot to the custom package pub folder, what needs to be done?

Identify the pages that your users will need access to and delete or remove the rest of the pages from that directory.

What is the meaning of editing the DSP pages after identifying read only DSP pages?

Edit the .dsp pages to remove the HREF links so that you can provide only a read only access to this pages as users will not have a URL to click on. Also, refer to the 6.5 version of the Readonly Admin and view the edited pages, that should give you a fair idea of what i am talking about.

But, it is like we need to mention the ACL for which the access needs to be given, not for the ACLs for which access needs to be restricted
Yes you are right, In my earlier post looks like i asked you to add a user but you have to add the ACL that will give access to this read only admin page.

Its working only for last ACL. Please let me know if u know any other way of accomplishing this.

Yes, you can assign multiple ACL’s in the .access file. Use it in the below format,

  • ReadOnlyAdmin
  • Administrators
  • UxxMnnn

Some times a package reload is not sufficient for the ACL’s to take affect, try restarting the IS.

The package IS ReadOnly Admin package is for wm6.5, but I need to implement it in 7.1.

There is not a whole lot of difference when you are working on a 6.5 or a 7.1.2 version of IS Readonly admin. If you understand the concept of creating read only admin pages then its the same in all the versions.

Cheers,
Akshith

If you think this is too much work then there is an alternate approach also. Please refer to the following URL, hope this helps.

http://communities.softwareag.com/ecosystem/communities/public/Developer/webmethods/codesamples/LimitAvailableMenu.html

Cheers,
Akshith

1 Like

Thanks for the response.

But, when we request for any DSP page in admin console, it will refer to the DSP page in WMRoot pacakge pub folder. So, even if we create a custom package and place all edited DSP pages inside the pub folder of the new custom package, how the request will (removed all href links) get tranferred to these new DSP pages for particular user since we dont mention package or folder name while creating ACLS or users groups or users?

Thanks in advance…

Regards,
Shriraksha A N

The URL that you will provide to your customers will be something like
http://lcoalhost:5555/ReadOnlyAdminUI/. Now when the users go to this URL, the .access file in this package ReadOnlyAdminUI will take care of the authentication.

If you included a group xxx in this .access file then while logging to the Readonly page users need to be a member of the group xxx to access the page.

Cheers,
Akshith