Close popover

Table of Contents

Creating a privilege


You can associate many rule types with privileges to more precisely define the access control features that are provided by Access of Role to Object rules. You create a privilege by using the Privilege rule form.

  1. In the header of Dev Studio, click Create Security Privilege .

  2. On the Create form, enter values in the fields to define the context of the privilege.

    1. In the Label field, enter text that describes the purpose of the privilege.

    2. In the Apply to field, press the Down Arrow key and select the class that defines the scope of the privilege.

      The class controls which Access of Role to Object rules you can link to the privilege.

    3. In the Add to ruleset field, select the name and unlocked version of a ruleset that stores the privilege.

    4. Optional:

      To change the default identifier for the privilege, click Edit, and then provide a unique value in the Identifier field.

  3. Click Create and open to open the Privilege form.

  4. Click Save.

  • Understanding role permissions and privileges in Access Manager

    Privileges complement the security and access control features provided by access roles by restricting access to specific rules rather than to entire classes. A privilege associates an access role with a rule that needs to be secured. Create privileges to more precisely define the access control features that are provided by Access of Role to Object rules. A privilege is identified by its name and Applies to class.

  • Requiring a privilege for a rule

    You can update a rule to specify that a privilege is required to access or use that rule. Only certain rule forms include the Privilege field, and for the rules that do, entering privileges is optional.

  • Viewing the roles that have a privilege

    To understand who has various privileges, you can view the roles that have a privilege. You can do this in various ways. The way you view roles and privileges depends on your familiarity with role and privilege names.

  • Specifying privileges for an Access of Role to Object rule

    To more precisely define access to instances of a class, you update the Access of Role to Object rule to grant or revoke privileges for a role and access class. Specifying privileges is optional.

Suggest Edit

0% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.