User types
Every user is assigned a User Type by the Product Administrator. The User Type applies across an instance.
Product Administrator
The Product Administrator has full access to all areas and can perform the functions of any other type of user.
Standard User
- Create applications
- Grant application access to users
- Create and delete folders in folders they can access
- Create, edit, run, view, and delete scan jobs
- Create, edit, run, view, and delete dashboards
- Create, edit, run, view, and delete report packs
- Grant or deny users access to report packs, dashboards and folders
- Classify issues according to their status
- Export report data
- Configure all options (Basic and Additional) in the AppScan Dynamic Analysis Client
No Access
Upon trying to log in, if the Default User is set to No Access, a new account will not be created. If the user has an existing account, the account remains, but access is denied.
The No Access user type is often used to create an account in anticipation of the arrival of a new employee who will require access at some future time.
Inherit Access
This user type only applies to users imported from an LDAP server. When a user with an Inherit Access user type logs in for the first time, they will automatically be created as a user (whatever the Default User is) and be assigned the user privileges associated with any LDAP group they belong to, if the group exists in the database and has been granted access. If they belong to more than one group, they will inherit the highest permissions of all the groups they belong to. Otherwise, their type will be No Access.
QuickScan User
QuickScan Users use a simplified view of the Enterprise Console to create quick, easy-to-use scans to test the applications they are responsible for. Most users are QuickScan users. QuickScan Users can be given explicit permissions on specific applications, but they cannot create them.
- What to Scan > Additional server and domains: Modify existing domains and make changes, but cannot add new domain or delete existing domain.
- Exclude Paths and File > Overall Exceptions: Add new overall URL exception but not remove them.
- Explore options > Parser Setting: Add Search Patterns and Exclusions but not delete any.
- Explore options > WebSphere® Portal Advanced Settings: Modify the context root, but not delete them.
- Parameter and Cookies > Normalization Rules: Add new normalization rules but not delete them.
- Parameter and Cookies > Custom Parameter Definitions: Modify the existing parameters and cookies values but cannot add or delete any.
- Parameter and Cookies: Modify the existing parameters and cookies values but cannot add or delete any.
- Login Management: Cannot delete URL from login sequence.
- Automatic form fill: Disable and enable Auto form fill values, but cannot add/delete/modify any.
- General Scan Options > Custom error pages: Cannot add/delete/modify any custom error pages.
- Advanced options > XRules: Modify XRules but cannot add or delete any.
Other Custom User Types
Product administrators can create custom user types to align with the particular workflows of their organization. These types of users are assigned limited administrative permissions, such as the ability to create and edit users, to configure security test policies and server groups, to modify application attributes, or to manage AppScan Enterprise integrations with other HCL products. See Custom user type permissions for more details.