Default access control policies
The default policies shipped with WebSphere Commerce are organized into the following categories:
- Role-based policies
- The role-based policies for each default role. These policies are also referred to as command-level policies because they define who can execute each command. For a complete listing of these polices, see Role-based policies.
- Resource-level policies
- The resource-level policies, grouped by business area. These policies define the actions a group
of users can perform on specific resources. Under each business area, policies are organized by the
type of resource they regulate:
- Data resources
- Business objects that can be manipulated such as an order or a bid.
- DataBean resources
- Contain information about business objects. Data beans are used to display object information about a Web page.
For a complete listing of these polices, see Resource-level policies.
During instance creation, WebSphere Commerce loads the default access control policies from the bootstrap file, WC_installdir/xml/policies/xml/defaultAccessControlPolicies.xml.