Advanced Customization > Business Logic Customization > Customizing Security Labels > Customizing Security Labels > Setting Up Custom Security Labels > Enabling Custom Security Labels
  
Enabling Custom Security Labels
To enable custom security labels, you must complete the following steps. See the Security Labels Configuration Steps for more information about each of these steps.
1. Define Security Labels - Required
Add the following lines to the <Windchill>/wtcustom/wt/access/accessModelRB.rbinfo file, making sure not to include any spaces except in the <DISPLAY_NAME> or the <LONG_DESCRIPTION>:
WCTYPE|wt.access.SecurityLabeled~SCA|<SECURITY_LABEL>.value=<DISPLAY_NAME>
WCTYPE|wt.access.SecurityLabeled~SCA|<SECURITY_LABEL>.dataType=java.lang.String
WCTYPE|wt.access.SecurityLabeled~SCA|<SECURITY_LABEL>.serverFunction=
com.ptc.core.foundation.security.server.impl.SACFSecurityLabel
WCTYPE|wt.access.SecurityLabeled~SCA|<SECURITY_LABEL>.serverFunction.arg1=
PID{<SECURITY_LABEL>}
WCTYPE|wt.access.SecurityLabeled~SCA|<SECURITY_LABEL>.longDescription=
<LONG_DESCRIPTION>
where:
<SECURITY_LABEL> is the custom security label name. This value should use only alphanumeric characters and the underscore character. The string WCTYPE|wt.access.SecurityLabeled~SCA|<SECURITY_LABEL> is the value that will be specified for the SecurityLabelResourceKey element for the custom security label later in this configuration. While there is no requirement for the <SECURITY_LABEL> value to match the name attribute specified for the CustomSecurityLabel element in the security labels configuration file, that is the convention used in this guide.
* 
A security label name is stored as a server-calculated attribute (SCA). Each SCA must have a unique name. The Logical Attributes Report provides a list of all current SCAs. You can access this report from <Windchill>/netmarkets/jsp/lwcType/logicalAttributesReport.jsp.
<DISPLAY_NAME> is the name of the custom security label as it will display in the user interface.
<LONG_DESCRIPTION> is the long description of the custom security label. The long description is displayed in the automatically generated description for the custom security label, accessed by clicking the view security label information icon from the Security Labels table.
* 
Because custom security label values are not pre-defined, there is no long description available to display on the information page for the custom security label. Any information about the custom security label values can be included in the long description for the custom security label.
For example, add the following lines to the end of the file for configuring the example custom security label:
WCTYPE|wt.access.SecurityLabeled~SCA|THIRD_PARTY_PROPRIETARY.value=
Third Party Proprietary
WCTYPE|wt.access.SecurityLabeled~SCA|THIRD_PARTY_PROPRIETARY.dataType=
java.lang.String
WCTYPE|wt.access.SecurityLabeled~SCA|THIRD_PARTY_PROPRIETARY.serverFunction=
com.ptc.core.foundation.security.server.impl.SACFSecurityLabel
WCTYPE|wt.access.SecurityLabeled~SCA|
THIRD_PARTY_PROPRIETARY.serverFunction.arg1=
PID{THIRD_PARTY_PROPRIETARY}
WCTYPE|wt.access.SecurityLabeled~SCA|THIRD_PARTY_PROPRIETARY.longDescription=
The "Third Party Proprietary" label indicates the business object's level of third party corporate sensitivity.
* 
Do not delete or alter the existing lines that begin with:
WCTYPE|wt.access.SecurityLabeled~SCA|ALL_SECURITY_LABELS
WCTYPE|wt.access.SecurityLabeled~SCA|ALL_STANDARD_SECURITY_LABELS
WCTYPE|wt.access.SecurityLabeled~SCA|ALL_CUSTOM_SECURITY_LABELS
2. Create a Custom Java Evaluator Class - Optional
For more information about this step, see Create a Custom Java Evaluator Class.
3. Create a Custom Java Translator Class - Optional
For more information about this step, see Create a Custom Java Translator Class.
4. Edit the Security Labels Configuration File - Required
For more information about this step, see Edit the Security Labels Configuration File for Custom Security Labels.
5. Edit LogicalAttributesSite.xml - Required
For more information about this step, see Edit LogicalAttributesSite.xml in the security labels configuration steps.
6. Specify Attribute Handler for Label Attribute - Required
From within a windchill shell, run the following command for each custom security label:
xconfmanager -s wt.services/svc/default/com.ptc.core.command.
server.delegate.io.AbstractAttributeHandler/
<CUSTOM_SECURITY_LABEL>/wt.access.SecurityLabeled/
0=com.ptc.core.command.server.delegate.io.
SecurityLabelAttributeHandler/
singleton -t codebase/com/ptc/core/foundation/
FoundationAttributeHandler.properties -p
where <CUSTOM_SECURITY_LABEL> is the custom security label name as specified in the securityLabelsConfiguration.xml file.
For example, the following command would be run for the example custom security label:
xconfmanager -s wt.services/svc/default/com.ptc.core.command. server.delegate.io.AbstractAttributeHandler/THIRD_PARTY_PROPRIETARY /wt.access.SecurityLabeled/0=com.ptc.core.command.server.delegate .io.SecurityLabelAttributeHandler/singleton -t codebase/com/ ptc/core/foundation/FoundationAttributeHandler.properties -p
7. Restart Windchill method servers.
* 
Additional configuration is required to enable object initialization rules, agreements, auditing, and subscriptions for custom security labels, but the steps are the same for standard and custom security labels.
For information about enabling these additional capabilities, see the Security Labels Configuration Steps.