Chapter 3. User Authorization

Procedure 3.1.  Enable Role-Based Authorization

1. Before enabling role-based authorization, it is necessary to assign one trusted user the admin role.
   1. From the JBoss Enterprise BRMS web user interface navigation panel, select Administration User Permissions.
   2. Click Create new user mapping and enter the name of the user to be granted Admin permissions. Note, this user must already exist in the brms-users.properties file.
   3. Click Open next to the username whose permissions are being changed.
   4. Click the plus icon to add permissions, and select admin, click OK, and click Save changes.
      After the system has saved the changes Yes will be displayed under Administrator.
2. Shut down the application server before making these changes.
3. Open the jboss-as/server/production/deploy/jboss-brms.war/WEB-INF/components.xml file in a text editor.
4. In the default components.xml file, locate the following code and replace false with true:

   <component name="org.jboss.seam.security.roleBasedPermissionResolver">
      <property name="enableRoleBasedAuthorization">false</property>
   </component>
   

   Note

   In versions 5.1 and earlier, locate and edit the following XML replacing false with true:

   <security:role-based-permission-resolver enable-role-based-authorization="false"/<
   

5. Restart the application server.
6. Log back into the BRMS web user interface. From the navigation panel, select Administration User Permissions and assign users roles as required.
7. Click Open next to the username whose permissions are being changed. Select the required role for the user, click OK, and click Save changes.

   Note

   Users can be assigned more than one role.

   Users assigned the admin role can modify the roles and permissions of other users.