Within Oracle IRM, roles are for controlling access to documents. Roles are defined within a domain. They exist independently of users and contexts. Some typical roles come preconfigured at installation, and domain administrators can create more. Domain administrators may want to create roles for the following purposes:
Roles control the features of client-side applications, such as the opening, editing, and sealing of documents.
Roles control whether or not the client-side features can be used offline (while not in communication with Oracle IRM Server).
Roles control refresh requirements (how often to return to Oracle IRM Server to check for new or revised rights).
Domain administrators typically create a number of roles, then create context templates with differing permutations of those roles. When contexts are created from a context template, the context inherits the roles that were in the template. The behaviors allowed by the inherited roles are the only behaviors that the contexts can acquire.
Caution:When roles are modified at the domain level, any changes to permitted behavior are applied to all contexts that contain that role.