Setting access control for a page
When the consumer direct sample store is published, access control policies for the store are loaded into the database. Refer to the accesscontrol.xml file for an example of how to create an access control file.
Procedure
- To add
a new view that is accessible by roles with existing
role-based View policies, create an XML file similar to the one shown:
<?xml version="1.0" encoding="ISO-8859-1" standalone="no" ?> <!DOCTYPE Policies SYSTEM "../dtd/accesscontrolpolicies.dtd"> <Policies> </Policies>
- Create a new action definition
in the XML file for the
view that you added. For example:
<Action Name="AddToExistReqListView" CommandName="AddToExistReqListView"/>
- Determine which roles should
have access to this view,
and associate the new action with the corresponding action groups
in the XML file as in the following example:
<ActionGroup Name="ConsumerDirectAllUsersViews" OwnerID="RootOrganization"> <ActionGroupAction Name="AddToExistReqListView"/> </ActionGroup>
There is already a role-based policy,
ConsumerDirectAllUsersViews
, that includes this action group, so a new policy does not have to be created. All shopping commands in the consumer direct store belong to theConsumerDirectAllUsersViews
action group.After completing the preceding steps, the complete XML file should contain the following:
<?xml version="1.0" encoding="ISO-8859-1" standalone="no" ?> <!DOCTYPE Policies SYSTEM "../dtd/accesscontrolpolicies.dtd"> <Policies> <Action Name="AddToExistReqListView" CommandName="AddToExistReqListView"/> <ActionGroup Name="ConsumerDirectAllUsersViews" OwnerID="RootOrganization"> <ActionGroupAction Name="AddToExistReqListView"/> </ActionGroup> </Policies>
- Load your XML changes into the
database.
- Copy the XML file you created
to the WC_installdir
/xml/policies/xml
directory. - Log in as the database user ID.
The database user ID must have the following permission in order to proceed with the following steps:
- Read,
write, and execute authority for the directories, subdirectories,
and files of
WC_installdir/xml/policies
andWC_installdir/logs
directories. - Read and execute authority for the
WC_installdir/bin
directory and its files.
If the database user ID does not have the preceding required authority, you need to grant this authority using the chmod command.
- Read,
write, and execute authority for the directories, subdirectories,
and files of
- From the WC_installdir/bin
directory,
run the following command:
acpload database name database user database user password Policies xml filename[ schema name]
For example:
acpload mall dbuser dbusrpwd defaultAccessControlPolicies.xml
If you create customized XML files, you must use the full path to the DTD in your file. The access control policies DTDs are located in the
WC_installdir/xml/policies/dtd
directory. - Check the
acugload.log
,acpload.log
, andacpnlsload.log
files in the following directory for any errors:-
WC_installdir/logs
-
WC_userdir/instances
-
- Copy the XML file you created
to the WC_installdir
- Update the Access
Control Policies Registry in the Administration
Console by doing the following:
- Open the Administration Console
- Click Configuration > Registry.
- From the list of registries, select Access Control Policies.
- Click Update.