Skip to main content
Last updated December 09, 2012 14:08, by Ralph
Feedicon  

Security Setup


To get access to an EJB application based on the Marty EJB module it is necessary to declare the following roles:

	<security-role-mapping>
		<role-name>org.imixs.ACCESSLEVEL.NOACCESS</role-name>
		<group-name>IMIXS-WORKFLOW-Noaccess</group-name>
	</security-role-mapping>

	<security-role-mapping>
		<role-name>org.imixs.ACCESSLEVEL.READERACCESS</role-name>
		<group-name>IMIXS-WORKFLOW-Reader</group-name>
	</security-role-mapping>

	<security-role-mapping>
		<role-name>org.imixs.ACCESSLEVEL.AUTHORACCESS</role-name>
		<group-name>IMIXS-WORKFLOW-Author</group-name>
	</security-role-mapping>

	<security-role-mapping>
		<role-name>org.imixs.ACCESSLEVEL.EDITORACCESS</role-name>
		<group-name>IMIXS-WORKFLOW-Editor</group-name>
	</security-role-mapping>

	<security-role-mapping>
		<role-name>org.imixs.ACCESSLEVEL.MANAGERACCESS</role-name>
		<group-name>IMIXS-WORKFLOW-Manager</group-name>
		<principal-name>IMIXS-WORKFLOW-Service</principal-name>
	</security-role-mapping>

Take care about the principal name 'IMIXS-WORKFLOW-Service'. This account must exist in the security realm. You should secure this account with a special password. The account is used by the backend services to operate in the backend. These services are:

  • SequenceService
  • DmsSchedulerService
  • WorkflowSchedulerService
  • UserGroupService

If you did not provide the user account ' IMIXS-WORKFLOW-Service' this can break functionality.

 
 
Close
loading
Please Confirm
Close