Administering Access Control for Business Services

Business services can be accessed by all users by default. However, the administrator can restrict access to specified business services and business service methods. The administrator can then associate responsibilities with the restricted business services or associate the business services with responsibilities. This allows the administrator to restrict access to business services based on the end user’s responsibility. To access a restricted business service, an end user must be associated with the responsibility that allows access to the restricted business service. An end user who is assigned more than one responsibility can access any restricted business service that is associated with one of his or her responsibilities.

For business services that allow you to specify a view mode to access data, you can specify which view mode can be used by different responsibilities. The following figure shows two examples of view modes that can be associated with a responsibility to restrict the set of data records a user with the responsibility accesses.

• The view modes in the first example are as follows:

  1 Personal, 2 Sales Rep, 3 Manager, 4 Organization, 5 Sub-Organization, 6 All.

• The view modes in the second example are as follows:

  1 Group, 2 Catalog, 3 All.

The level of visibility broadens as you move from 1 to 6 in the first example and from 1 to 3 in the second example; for example, the Manager (3) view mode grants access to more data than the Sales Rep (2) view mode.

The image also shows whether or not the relationship that exists between each view mode is hierarchical. For example, the relationship between Manager view mode and Organization view mode is not hierarchical. The relationship between Sales Rep view mode and Manager view mode is hierarchical.

Assigning appropriate view modes allows you to manage access to business services (and associated methods) by end users based on the responsibilities assigned to the end user. The following topics provide more detailed information on the tasks involved in administering access control for business services:

• Associating a Business Service with a Responsibility

• Associating a Responsibility with a Business Service

• Example of Associating a Responsibility with Business Service Methods

• Clearing Cached Business Services

• Disabling Access Control for Business Services