Role based access for MWS TN set up

ACL are definitely required to be added to the MWS roles in IS.

Are people with non-admin access able to look everything in MWS(TN transactions/Process model instances) fine ?

What ACL’s you have tried in the IS–>Settings–>ACL’s for MWS/central users configuration?

Thank you all for your comments.

@Sai: I have already logged a incident with SAG. They are trying to figure out the problem :slight_smile:

I have added “My webMethods Users” role added to “MonitorUsers” and “MonitorAdministrators” ACL IN IS. My user is also part of “My webMethods Users” role.

Yes, Non Admin users are able to access all TN Transactions.

You added roles but what particularly you did from IS-Security > Access Control Lists

What do you see currently in the following ACL’s?

CentralUsers ACL
Administrators ACL



I have the below set up for ACLs in IS.


local Administrators
MWS TN Administrators

CentralUsers ACL

local Administrators
local CentralAdministrators
local CentralUsers

Administrators ACL

local Administrators

OK under this ACL you should see like this as…can you assign as below and the restart IS/MWS and try?


local/TN Administrators
system/TN Administrators
system/TN MWS Users

This is probably a caching issue. Do you have Single Sign on enabled for IS to use MWS? If so, MWS may be caching the userID and role information. The other issue could be the order of the user’s roles within MWS. If the user is in more than one role, and the role listed first under the user’s roles is more restrictive, then this may not work.

To change this, click on the role you want to have a higher priority in the MWS user panel (under roles tab) and select the role and move it up using the arrow.

Email me if you continue to have issues ( or


Chandrakanth.L, were you ever able to resolve this issue? I am encountering the exact same behavior in my WM9.5 environment. If you have resolved it, can you please let me know your solution, or let me know the SAG incident number you created?

Steve Karst