Role based access for MWS TN set up

Jkhan69 · October 30, 2013, 11:56am

ACL are definitely required to be added to the MWS roles in IS.

Are people with non-admin access able to look everything in MWS(TN transactions/Process model instances) fine ?

rmg · October 30, 2013, 1:52pm

What ACL’s you have tried in the IS–>Settings–>ACL’s for MWS/central users configuration?

Chandrakanth_Lakkakula · October 30, 2013, 8:29pm

Thank you all for your comments.

@Sai: I have already logged a incident with SAG. They are trying to figure out the problem

@RMG:
I have added “My webMethods Users” role added to “MonitorUsers” and “MonitorAdministrators” ACL IN IS. My user is also part of “My webMethods Users” role.

@JKhan69:
Yes, Non Admin users are able to access all TN Transactions.

rmg · October 30, 2013, 9:12pm

You added roles but what particularly you did from IS-Security > Access Control Lists

What do you see currently in the following ACL’s?

TNMWSUsers ACL
CentralUsers ACL
Administrators ACL

HTH,
RMG

Chandrakanth_Lakkakula · October 30, 2013, 9:21pm

Hi RMG,

I have the below set up for ACLs in IS.

TNMWSUsers ACL

local Administrators
MWS TN MWS Users
MWS TN Administrators

CentralUsers ACL

local Administrators
local CentralAdministrators
local CentralUsers

Administrators ACL

local Administrators

rmg · October 31, 2013, 6:37pm

OK under this ACL you should see like this as…can you assign as below and the restart IS/MWS and try?

TNMWSUsers ACL

local/Administrators
local/TN Administrators
system/TN Administrators
system/TN MWS Users

Daryl · November 4, 2013, 10:53pm

This is probably a caching issue. Do you have Single Sign on enabled for IS to use MWS? If so, MWS may be caching the userID and role information. The other issue could be the order of the user’s roles within MWS. If the user is in more than one role, and the role listed first under the user’s roles is more restrictive, then this may not work.

To change this, click on the role you want to have a higher priority in the MWS user panel (under roles tab) and select the role and move it up using the arrow.

Email me if you continue to have issues (drh4@psu.edu or daryl.hoffman@psualum.com)

Daryl

Steve_Karst · September 12, 2014, 12:52am

Chandrakanth.L, were you ever able to resolve this issue? I am encountering the exact same behavior in my WM9.5 environment. If you have resolved it, can you please let me know your solution, or let me know the SAG incident number you created?

Thanks,
Steve Karst