ActiveVOS Server can be deployed in a secured manner. The Security Configuration panel allows you to configure the security parameters that will be applied to the ActiveVOS Server Console and to deployed BPEL process services. Select the security options you want to enable.
After completing configuration, you must assign security roles to users and groups. You can find details on configuring security in the Process Server Guide.
If you have a license for the multi-tenant feature, you must enable security.
After entering this information, click Next to save your values and continue.
Administrative Functions
These functions add security parameters to the ActiveVOS Consoles and services by setting the following roles:
abAdmin
Users associated with this role have full administrative rights to ActiveVOS Server.
abBusinessManager
Users associated with this role have access to process instance details (but cannot operate on them). They can monitor active processes, tasks, and work queues. They have a read-only view of process instance details.
abDeployer
Users associated with this role have rights restricted to deploying business process archive files to ActiveVOS Server.
abDeveloper
Users associated with this role have rights restricted to service artifacts, endpoint information, and sample messages for the services they consume and expose (that is, processes) after they are deployed. Developers need the ability to deploy process deployment archives, initiate process executions, and analyze them. Developers also need to configure global function contexts for custom functions and URN mappings, and to schedule process execution. Specifically, this user has access to the Active Process list, the Process Instance View, the Active Task and Work Queues lists, the Server Log, the Dashboard and all reports, and the catalog's content.
abOperator
Users associated with this role have rights restricted to operating the system. These include observing the functionality of processes, managing process instances using the process instance detail view, running reports, logging, viewing exceptions, acquiring information on service operations, adding and removing tenants, and managing the scheduled database delete schedule.
abTaskClient
Required. You must configure permission to access ActiveVOS Central for all users. In addition, users who interact with the Human Task (WS-HT) API must have this role.
ActiveVOS Central presents a login page to users.
Process Services
The process services option adds security parameters to the Web Services handler for all deployed BPEL services with a role. The services listed at http://[host]:[port]/active-bpel/services are secured. The process services (roles) are:
abRestrictedServiceConsumer
Users associated with this role cannot access a service unless it is deployed with allowed roles specified in the pdd and the user belongs to at least one of these roles. If no roles are specified in the pdd, access to the service is also denied. Users in this role can view the wsdl files for other services, as abServiceConsumer users can; however, they are blocked at runtime.
abServiceConsumer
Users associated with this role have rights restricted to starting process instances of deployed processes, including from ActiveVOS Central, the Eclipse Web Tools Project, or another client application, such as SOAPUI.
abTenantAdmin
(For a Multi-Tenant licensed server only.) Users associated with this role have rights to deploy and manage contributions into a configured tenant on the server.
Based on a Tenant Definition configured by the ActiveVOS Server administrator (with the abAdmin role), a tenant administrator user can log into the tenant context on the server. A service consumer user can create process instances for processes deployed to the tenant context.
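The abRestrictedServiceConsumer rule above can be checked against deployment descriptors before they are deployed. The following is an added example, not ActiveVOS code: it assumes allowed roles appear as a whitespace-separated allowedRoles attribute on a myRole element in the pdd, and the sample descriptor, its namespace, and the service and role names are constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample pdd fragment. The myRole element, its allowedRoles
# attribute and the namespace are assumptions about the pdd layout; the page
# only says that allowed roles are "specified in the pdd".
SAMPLE_PDD = """<process xmlns="urn:example:pdd" name="LoanApproval">
  <partnerLinks>
    <partnerLink name="customer">
      <myRole service="LoanService" allowedRoles="loanOfficer auditor"/>
    </partnerLink>
    <partnerLink name="status">
      <myRole service="LoanStatusService"/>
    </partnerLink>
    <partnerLink name="admin">
      <myRole service="LoanAdminService" allowedRoles="  "/>
    </partnerLink>
  </partnerLinks>
</process>"""

def service_roles(pdd_xml):
    """Map each exposed service name to the set of roles allowed to call it."""
    services = {}
    for elem in ET.fromstring(pdd_xml).iter():
        if elem.tag.rsplit("}", 1)[-1] == "myRole":  # match regardless of namespace
            services[elem.get("service")] = set(elem.get("allowedRoles", "").split())
    return services

def restricted_consumer_allowed(user_roles, allowed_roles):
    """abRestrictedServiceConsumer rule: the service must list allowed roles
    and the user must hold at least one of them; no roles listed means denied."""
    return bool(allowed_roles) and bool(set(user_roles) & allowed_roles)

def audit(pdd_xml, user_roles):
    """Return {service: (has_allowed_roles, restricted_consumer_allowed)}."""
    return {name: (bool(roles), restricted_consumer_allowed(user_roles, roles))
            for name, roles in service_roles(pdd_xml).items()}

if __name__ == "__main__":
    user = {"abRestrictedServiceConsumer", "auditor"}  # constructed user
    for svc, (listed, ok) in audit(SAMPLE_PDD, user).items():
        note = "" if listed else "  <- no allowed roles in pdd"
        print(f"{svc}: restricted consumer {'allowed' if ok else 'denied'}{note}")
```

Services flagged as having no allowed roles are the ones a restricted consumer can never call, so the report doubles as a list of descriptors to review before deployment.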
Identity Service Consumer
The identity service consumer option adds security parameters to the Web Services handler for the Process Identity service used by the ActiveVOS Central application, using the following roles:
abIdentityListConsumer
Only users associated with this role or abAdmin have rights to submit Web Service requests to the identity service from Process Developer.