SAP/PeopleSoft security  Setting up a security manager account

Chapter 6: Security

Managing role-based security

Unwired Accelerator implements role-based security. This section provides information about managing role-based security, in these topics:

When you install Unwired Accelerator, a default configuration enables you to log in to Mobile Web Studio and work with the Studio and its functionality. From the default configuration, you create and administer your enterprise’s users, roles, and objects.

Table 6-2 describes the default J2EE security roles that Unwired Accelerator uses.

Table 6-2: J2EE security roles

Security role

Description

PortalAdmin

A role for system or administrative users. If you want this user to represent your system administrator, grant this user the StudioAdmin and PortalAdmin roles.

Unwired Accelerator lets you enable the deploy functionality for Mobile Web Studio users with the PortalAdmin role, as described in the global.properties.xml portal configuration file:

<Property name="PortalAdministrationRole"
value="PortalAdmin" description="The J2EE role 
required to administer the Portal performing export/import and update operations." menugroup="-1" />

WARNING! This property is designed for a single role and not a list of roles. There is no parsing of the string to look for multiple roles.

PortalGuest

A role for the UA guest account. The guest account allows users to log in to your portal. The login name for the guest account is “guest”; the password is also “guest”.

WARNING! Do not delete the guest account. It is required for Unwired Accelerator.

Unwired Accelerator automatically creates the PortalGuest role and grants the role to the guest account. The sole purpose of the PortalGuest role is to enable self-registration in Portal Interface. The guest account does not have permission to access any assets. The system can have only one guest role. The guest role is valid for an indefinite period.

PortalUser

A role for Portal Interface users. Users with this role can work with any Portal Interface object, but cannot access Mobile Web Studio objects.

StudioAdmin

A role for the Unwired Accelerator administrator. The StudioAdmin role is automatically defined when you install and configure Unwired Accelerator (opsuper for RID1, and masuper for RID21).

By default, the StudioAdmin has complete access to Mobile Web Studio operations.

Generally, the StudioAdmin sets up initial security for objects, roles, and users, but StudioAdmin can perform all other Mobile Web Studio functions.

everybody

A role required for all authenticated Portal Interface and Mobile Web Studio users, as determined by the RequiredRoles property in the global.properties.xml file. See “Global property group” for information about this property.

manager

This role is not currently used. You can establish the manager role to meet the needs of your installation.

superuser

This role is not currently used. You can establish the superuser role to use in conjunction with the RoleBaseDisplaySeeAllRoles, and RoleBaseDisplay properties in the global.properties.xml file. See “Global property group” for information about these properties.





Copyright © 2005. Sybase Inc. All rights reserved. Setting up a security manager account

View this book as PDF