Updating user roles on WebSphere Application Server after upgrading

After you reinstall or upgrade Rational® Publishing Engine, update the user roles for connecting to the remote services that are deployed to WebSphere® Application Server.

About this task

Table 1. Remote services user roles
Role Capabilities
Document generation user (rpe_docgen_user)
  • Can generate documents remotely or locally from the client applications
  • Can view output files and logs about their document generation jobs
Document generation administrator (rpe_docgen_admin)
  • Can generate documents remotely or locally from the client applications
  • When used with the rpe_monitor_admin role, can view output files and logs from the document generation jobs initiated by any user
Central Management component user (rpe_library_user)
  • Can view public assets from the Document Studio application
  • Can use public assets to design templates
Central Management component contributor (rpe_library_contributor)
  • Can view assets from the Document Studio application
  • Can use assets to design templates
  • Can submit assets from the Document Studio application
  • Can modify their existing assets from the Document Studio application
Central Management component administrator (rpe_library_admin)
  • Can view the assets that are created by any user from the Document Studio application
  • Can use assets that are created by any user to design templates
  • Can submit assets from the Document Studio application
  • Can modify the existing assets that are created by any user from the Document Studio application
  • Can create assets in the Central Management component administrative user interface
  • Can modify existing assets that are created by any user from the Central Management component administrative user interface
  • Can remove assets created by any user from the Central Management component administrative user interface
Monitor & Control component user (rpe_monitor_user)
  • Can change the state of their document generation jobs
  • Allows their document generation jobs to be monitored by users with the rpe_monitor_admin role
Monitor & Control component administrator (rpe_monitor_admin)
  • When used with the rpe_docgen_admin role, can view output files and logs from the document generation jobs initiated by any user
  • Can change the status of the document generation jobs initiated by any user

Procedure

  1. Open the administrative console in a browser. Example: http://server:port/ibm/console/logon.jsp
  2. Stop the deployed Web Services application:
    1. Click Applications > Enterprise Applications. The rpews.war application you added is listed as the application name you entered.
    2. Select the Web Services application.
    3. Click Stop.
  3. Configure the security roles:
    1. Click Users and Groups > Manage Users.
    2. Click Create and create three users: rpe_admin, rpe_contributor, and rpe_client, if you have not done so already.
    3. To associate roles with the users, navigate to Applications > Enterprise Applications > rpews.war application > Security role to user/group mapping. These are the roles you can associate with the users for each of the services, depending on which services you plant to use:
      • rpe_docgen_user
      • rpe_docgen_admin
      • rpe_library_user
      • rpe_library_contributor
      • rpe_library_admin
      • rpe_monitor_user
      • rpe_monitor_admin
      Tip:
      • See the table in the About this task section above for descriptions of each role.
      • For added security, create more than one client user and give only one the rpe_docgen_user role. The document generations that users create might contain confidential data. By creating two types of users, you can ensure that only users who have permission to view the result outputs can view them.
    4. Associate the user roles with the rpe_client users.
      1. Select rpe_docgen_user.
      2. Click Look up users.
      3. In the Search String field, enter rpe* and click Search.
      4. In the Available column, press the CTRL key, and then select rpe_client. Click >> to add the users to the Selected column.
      5. Click OK.
      1. Select rpe_library_user.
      2. Click Look up users.
      3. In the Search String field, enter rpe* and click Search.
      4. In the Available column, press the CTRL key, and then select rpe_client. Click >> to add the users to the Selected column.
      5. Click OK.
      1. Select rpe_monitor_user.
      2. Click Look up users.
      3. In the Search String field, enter rpe* and click Search.
      4. In the Available column, press the CTRL key, and then select rpe_client. Click >> to add the users to the Selected column.
      5. Click OK.
    5. Associate the contributor and user roles with the rpe_contributor users.
      1. Select rpe_docgen_user.
      2. Click Look up users.
      3. In the Search String field, enter rpe* and click Search.
      4. In the Available column, select rpe_contributor and click >> to add the user to the Selected column.
      5. Click OK.
      1. Select rpe_library_contributor.
      2. Click Look up users.
      3. In the Search String field, enter rpe* and click Search.
      4. In the Available column, select rpe_contributor and click >> to add the user to the Selected column.
      5. Click OK.
      1. Select rpe_monitor_user.
      2. Click Look up users.
      3. In the Search String field, enter rpe* and click Search.
      4. In the Available column, press the CTRL key, and then select rpe_client. Click >> to add the users to the Selected column.
      5. Click OK.
    6. Associate the administrator role with the rpe_admin user.
      1. Select rpe_docgen_admin.
      2. Click Look up users.
      3. In the Search String field, enter rpe* and click Search.
      4. In the Available column, select rpe_admin and click >> to add the user to the Selected column.
      5. Click OK.
      1. Select rpe_library_admin.
      2. Click Look up users.
      3. In the Search String field, enter rpe* and click Search.
      4. In the Available column, select rpe_admin and click >> to add the user to the Selected column.
      5. Click OK.
      1. Select rpe_monitor_admin.
      2. Click Look up users.
      3. In the Search String field, enter rpe* and click Search.
      4. In the Available column, select rpe_admin and click >> to add the user to the Selected column.
      5. Click OK.
    7. Click OK and Save directly to the master configuration.
  4. Start the Web Services application:
    1. Click Applications > Enterprise Applications. The rpews.war application you added is listed as the application name you entered.
    2. Select the Web Services application.
    3. Click Start. The following confirmation message displays: Application rpews.war on server server_name and node node_name started successfully.

Feedback