What are ACLs?
In WebMethods Users, Groups and Access Control Lists (ACLs) are used to manage the security of applications.
Relationships
In WebMethods Administration under the Security tab, there are sections for:
- Each Group can have multiple Users
- Each User can belong to multiple Groups.
- Each ACL can have multiple Groups allocated to it.
- Each Group can belong to multiple ACLs.
- ACLs can have both Allowed and Denied Groups
Best Pracitces
First create generic ACLs:
| ACL |
Description |
Groups to include |
| ListPkg |
View the list of packages |
Administrator, Anonymous, Everyone |
| ReadPkg |
Read the contents of a package |
Administrator, Anonymous, Everyone |
| WritePkg |
Change contents of a package |
Administrator |
| ExecPkg |
Execute services in a package |
Administrator |
Next for each project there will generally be a package root-level folder, e.g. ProjectX
Create two groups:
- ProjectX - users in this group can write and execute ProjectX
- ProjectXDeny - users in this group cannot write and execute ProjetX services
Place the appropraite users into their groups.
Then create an ACL called ProjectX
Place the group ProjectX in Allowed and ProjectXDeny in Denied.
Finally setup WmDeveloper to use the new ACLs.
- Note: Right-click on a folder, and click Open to get the Folder ACL properties.
