Scribd Logo
Carica

Benvenuto in Scribd!

  • Security Considerations 8.0.1

    Caricato da

    ffapmad
    20 visualizzazioni4 pagine
    IBM BPM 8.0.1

    Copyright

    © © All Rights Reserved

    Formati disponibili

    PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento
    IBM BPM 8.0.1

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    20 visualizzazioni4 pagine

    Security Considerations 8.0.1

    Caricato da

    ffapmad
    IBM BPM 8.0.1

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 4

    10/14/13

    Help - IBM Business Process Manager

    IBM Business Process Manager, V8.0.1, All platforms


    applications

    > Securing IBM Business Process Manager and

    > Getting started with security

    Security considerations
    This section contains information that you need to know when determining how security will be
    implemented in standalone and network deployment environments in IBM Business Process Manager.
    For more information about registries and repositories, see

    Selecting a registry or repository.

    Tab le 1. Security considerations for IBM Business Process Manager

    Standalone
    environment

    Network deployment
    environment

    User Registry setup

    The User Registry is


    federated across the file
    registry and the Process
    Center internal User
    Registry (which points to
    the database). If the User
    Registry configuration is
    modified, then the new
    registry should be
    federated with the internal
    User Registry. If the user
    registry setup is modified,
    follow the instructions that
    require the new registry to
    be pre-populated with out
    of the box users.

    The user registry is


    federated across the file
    registry. If the user
    registry setup is modified,
    follow the instructions that
    require the new registry to
    be pre-populated with the
    internal users.

    Management of users and


    groups for IBM Business
    Process Manager
    Advanced

    Internal users and


    groups: Internal users and
    groups are managed
    through the Process
    Admin Console.

    Internal users and


    groups: Internal users are
    managed through the
    WebSphere Application
    Server administrative
    console, while internal
    groups are managed
    through the Process
    Admin Console.

    Security consideration

    User-defined users and


    groups: With the out of
    the box user registry
    setup, users can be
    created using the Process
    Admin Console or the
    WebSphere Application
    Server administrative
    console. Note the
    following considerations:
    Users and groups
    created in the
    Process Admin
    Console are stored
    in the internal User
    Registry whereas
    those created in
    the WebSphere
    Application Server
    administrative
    console are stored
    in the file registry.
    When users and
    groups are
    synchronized in the
    Process Admin

    User-defined users and


    groups: Users and groups
    are managed using the
    WebSphere Application
    Server administrative
    console.

    pic.dhe.ibm.com/infocenter/dmndhelp/v8r0m1/index.jsp?topic=%2Fcom.ibm.wbpm.main.doc%2Ftopics%2Fcbpm_ibpmarch.html

    1/4

    10/14/13

    Help - IBM Business Process Manager

    Process Admin
    Console or at
    server startup, the
    users and groups
    from the file registry
    are synchronized to
    the internal User
    Registry.
    The User and
    Group management
    in the Process
    Admin Console
    creates, modifies
    and deletes users
    and groups from
    the internal User
    Registry. It does
    not manage the
    users and groups
    from the file
    registry.
    The users and
    groups created in
    the file registry can
    be added as
    members of the
    groups in the
    internal User
    Registry. The
    groups in the
    internal User
    Registry are not
    visible to the
    WebSphere
    Application Server
    administrative
    console, business
    process
    component,
    Business Space, or
    business
    calendars.
    The users and
    groups created in
    the WebSphere
    Application Server
    administrative
    console are stored
    in the file registry.
    The users in the
    internal User
    Registry are visible
    to the WebSphere
    Application Server
    administrative
    console "Manage
    Users" but they
    cannot be modified
    or deleted from the
    WebSphere
    Application Server
    administrative
    pic.dhe.ibm.com/infocenter/dmndhelp/v8r0m1/index.jsp?topic=%2Fcom.ibm.wbpm.main.doc%2Ftopics%2Fcbpm_ibpmarch.html

    2/4

    10/14/13

    Help - IBM Business Process Manager

    administrative
    console.
    These users cannot
    be added as
    members to the
    groups of the file
    registry. The
    groups in the
    internal User
    Registry are not
    visible to the
    WebSphere
    Application Server
    administrative
    console.
    Management of users and
    groups for IBM Business
    Process Manager
    Standard

    Internal users and


    groups: The internal users
    and groups are managed
    through the Process
    Admin Console. Note the
    following considerations:

    Internal users and


    groups: Internal users are
    managed through the
    WebSphere Application
    Server administrative
    console, while internal
    groups are managed
    through the Process
    Admin Console.

    User-defined users and


    groups: User-defined
    users and groups
    managed using the
    User-defined users and
    Process Admin Console.
    groups: Users and groups
    are managed using the
    Users and groups
    WebSphere Application
    created in the
    Server administrative
    Process Admin
    console.
    Console are stored
    in the internal User
    Registry.
    You can grant
    administrative
    access to IBM
    Business Process
    Manager by adding
    pre-existing groups
    of users from your
    external User
    Registry to
    tw_admins, which
    is the IBM BPM
    security group
    whose members
    have administrative
    access to IBM
    BPM by default.
    When changes are
    required, you can
    simply add or
    remove individual
    users from the
    groups that exist in
    your external User
    Registry. This
    practice ensures
    that the security
    maintenance you
    perform in your
    pic.dhe.ibm.com/infocenter/dmndhelp/v8r0m1/index.jsp?topic=%2Fcom.ibm.wbpm.main.doc%2Ftopics%2Fcbpm_ibpmarch.html

    3/4

    10/14/13

    Help - IBM Business Process Manager

    perform in your
    external provider
    does not require
    additional work in
    IBM BPM.
    Parent topic: Getting started with security
    Related concepts:
    Getting started with security

    Feedback | Terms and conditions

    This information center is powered by Eclipse technology. (http://www.eclipse.org)

    pic.dhe.ibm.com/infocenter/dmndhelp/v8r0m1/index.jsp?topic=%2Fcom.ibm.wbpm.main.doc%2Ftopics%2Fcbpm_ibpmarch.html

    4/4

    Potrebbero piacerti anche