User and Group Permissions: Access Control Lists
Access Control Lists (ACLs) associate groups and users with permissions. In the context of Windchill RV&S interface, these users and groups are called principles. ACL definitions determine management policies and control user access to the various functions of Windchill RV&S.
Permissions specify the particular operations that are available. Because ACLs control these vital functions, ACLs must be configured before Windchill RV&S can function.
The following sequence of events illustrates how the Windchill RV&S server uses ACLs to determine whether a user or group has access to a specific functionality:
1. A user issues a command to the Windchill RV&S server from the Windchill RV&S client.
2. The target of each operation (for example, a project or a member) maps to a specific ACL. The appropriate ACL is queried to determine whether the operation is allowed.
3. The Windchill RV&S server queries the ACL database for the user’s access permissions to determine whether the user has the required permission or which specific permissions the user has (the server uses the most specific permissions it finds in the ACL hierarchy).
4. Based on the information it receives, the user is permitted the operation if the correct permissions exist. If the permissions do not exist, the server terminates the operation and returns an error message.
|
Once you have modified or created the necessary ACLs, the information is dynamically loaded by the server. You do not have to restart the server.
|
Related Links