Security in WebMethods

Silvia_DomA_nguez · March 12, 2013, 3:16pm

Hello,
I’m beginning with security roles and I don’t known if the security role depends of webmethod server configuration or are differents issues?
Thanks,

system · March 12, 2013, 5:26pm

Could you please rephrase the question. I’m not sure what you are asking

Silvia_DomA_nguez · March 12, 2013, 5:36pm

I have been looking for information and I found articles about security roles and permissions apply MWS server. The question is webMethods security level applies to portlet or task and if involved WebMethod server?

Mervin2 · March 13, 2013, 8:23am

Hi Silvia

You can give permissions to wM applications, tasks, workspaces etc using Permissions Management
(In My webMethods: Navigate > Applications > Administration > System-Wide >
Permissions Management.)

You can refer to the wM documentation for more details. Let us know if you have any queries/issues.

Silvia_DomA_nguez · March 13, 2013, 3:23pm

well, this perfect but i can define a security rol in portlet level and then assign it to the task. Now, if i launch MWS, the roles are not the same as I have defined portlet level. Then what is the relationship between security roles defined portlet level and security roles defined in MWS?
thanks

system · March 13, 2013, 4:03pm

in web.xml, your application can define a security role for the entire web application.


<web-app ...>
    <security-role>
        <role-name>myapp-role</role-name>
    </security-role>
</web-app>

These security roles map directly to a role with the same name in MWS. When the application is being installed, if MWS doesn’t have a role with that name already, a new static role will be created automatically.

in portlet.xml, for each portlet a logical security realm name can be defined:


<portlet-app ...>
    <portlet>
        ...
        <security-role-ref>
            <role-name>myporlet-role</role-name>
        </security-role-ref>
    </portlet>
</portlet-app>

This, portlet security role generally maps to a security role with the same name in the web.xml (see #1). This default mapping can be overriden by using the security-role-link if you want the logical security-role in the portlet to map to some other security role in the application.


<portlet-app ...>
    <portlet>
        ...
        <security-role-ref>
            <role-name>myporlet-role</role-name>
            <role-link>myapp-role</role-link>
        </security-role-ref>
    </portlet>
</portlet-app>

…or to the name of a functional privilege defined in your application:


<portlet-app ...>
    <portlet>
        ...
        <security-role-ref>
            <role-name>myporlet-role</role-name>
            <role-link>myfunctional-privilege-name</role-link>
        </security-role-ref>
    </portlet>
</portlet-app>