Unwired Accelerator implements role-based security. This section provides information about managing role-based security, in these topics:
When you install Unwired Accelerator, a default configuration enables you to log in to Mobile Web Studio and work with the Studio and its functionality. From the default configuration, you create and administer your enterprise’s users, roles, and objects.
Table 7-2 describes the default J2EE security roles that Unwired Accelerator uses.
Security role |
Description |
|---|---|
PortalAdmin |
A role for system or administrative users. If you want this user to represent your system administrator, grant this user the StudioAdmin and PortalAdmin roles. The PortalAdmin role, set in the global.properties.xml file as follows, enables you to deploy mobile applications to devices: <Property name="PortalAdministrationRole" value="PortalAdmin" description="The J2EE role required to administer the Portal performing export/import and update operations." menugroup="-1" /> WARNING! This property is designed for a single role and not a list of roles. There is no parsing of the string to look for multiple roles. |
PortalUser |
A role for Portal Interface users. Users with this role can work with any Portal Interface object, but cannot access Mobile Web Studio objects. |
StudioAdmin |
A role for the Unwired Accelerator administrator. The StudioAdmin role is automatically defined when you install and configure Unwired Accelerator (opsuper for RID1, and masuper for RID21). By default, the StudioAdmin has complete access to Mobile Web Studio operations, including development (but not deploying). Generally, the StudioAdmin sets up initial security for objects, roles, and users, but StudioAdmin can perform all other Mobile Web Studio functions. |
everybody |
A role required for all authenticated Portal Interface and Mobile Web Studio users, as determined by the RequiredRoles property in the global.properties.xml file. See “ProductConfiguration property group” for information about this property.
|
manager |
This role is not currently used. You can establish the manager role to meet the needs of your installation. |
superuser |
This role is not currently used. You can establish the superuser role to use in conjunction with the RoleBaseDisplaySeeAllRoles, and RoleBaseDisplay properties in the global.properties.xml file. See “ProductConfiguration property group” for information about these properties. |
For the LDAP security provider, the EverybodyRoleAuthorizer
function automatically grants the “everybody” role
to users who need it.