Defining access control policy elements using XML
The Organization Administration Console allows you to make simple changes to access control policies and their parts. To make more sophisticated changes, you need to edit the XML files directly, and then load them into the database.
About this task
Before you begin making changes to the XML files for access control, you should read the topics Access Control and Creating an access control policy. These topics provide a technical overview of access control and explains how to create customized commands, entity beans, and JSP templates that can be protected by access control policies.
Once you have finished the code customization, you can edit the XML files for access control to establish the protections you require.
The following changes can only be made by editing and then loading the appropriate XML files:
- Creating or modifying an action
- Creating or modifying a relationship
- Creating or modifying a relationship group
- Creating or modifying a resource
- Creating or modifying attributes
- Creating or modifying access groups using complex criteria
- Creating or modifying resource groups using complex criteria
- Creating a role-based policy for views
- Changing the action group in a role-based policy for views
- Creating or modifying a policy group
- Associating policies with policy groups
You can manipulate the XML files to perform the following authorization tasks: