Try OpenEdge Now
skip to main content
Administration
REST Administration : REST Management Agent and REST Web Application Security Configurations : Working with security configurations : Modifying user roles and privileges
 
Modifying user roles and privileges
For all the existing users in the users.properties file, you can modify the user roles and privileges using the appropriate security configuration file, appSecurity-XXXX.xml, in the WEB-INF folder of the REST Management Agent or the REST Web application in your web server directory. Irrespective of which security configuration model you chose, you perform a similar set of edits.
For example, the following assigns privileges to ROLE_PSCAdmin and ROLE_PSCOper in the appSecurity-form-local.xml file:
<?xml version="1.0" encoding="UTF-8"?>
.
.
.
<!-- Get Manager status -->
<intercept-url pattern="/status" method="GET"
access="hasAnyRole('ROLE_PSCAdmin','ROLE_PSCOper')"/>
.
.
.
Add the user role, ROLE_PSCNewUser, with privileges of performing GET operation on /status:
<?xml version="1.0" encoding="UTF-8"?>
.
.
.
<!-- Get Manager status -->
<intercept-url pattern="/status" method="GET"
access="hasAnyRole('ROLE_PSCAdmin','ROLE_PSCOper','ROLE_PSCNewUser')"/>
.
.
.