WLOC Administration Console Online Help

    Previous Next  Open TOC in new window 
Content starts here

Manage users, groups, and roles


WLOC uses role-based security to secure access to the WLOC Administration Console and ensure that only authorized users can manage services. With role-based security, you assign different levels of privileges to users and groups. Users may be placed into groups that are associated with security roles, or can be directly associated with security roles.

Users are entities that can be authenticated. A user can be a person, such as an application end user, or a software entity, such as a client application. All users names must be unique. As a result of authentication, a user is assigned an identity, or principal, that is unique.

Groups are logically ordered sets of users. Users are organized into groups that can have different levels of access depending on their job functions. Managing groups is more efficient than managing large numbers of users individually. All group names must be unique. WLOC provides the following groups, by default, which are assigned to one or more of the default security roles:

Roles, like groups, grant identity to a user. Unlike a group, however, membership in a security role is based on a set of conditions that are evaluated at runtime. These conditions determine how members of a group can interact with the WLOC Administration Console and the services managed by the console. WLOC provides the following security roles, by default, to grant access privileges:

In addition, for each service that you create, WLOC provides an additional role named ServiceAdminService-Name, where Service-Name is the name of the service. You cannot create new or modify existing security roles.

For more detailed information about the access privileges associated with each security role and for more information about WLOC security in general, see Configuring Security.

The following topics describe the main tasks for managing users and groups:

Related Tasks


  Back to Top