pp108 : Setting Access Control

Setting Access Control
This topic describes access control in WS-AppServer.


Access control is about defining accessibility of an object by attaching certain restrictions to the object or its attributes. It is meant to help the user in controlling the behavior of an object or its attributes when they are used in business process flows.

Object-level access control defines the operations that can be performed on a particular object and its attributes. Object-level access control is dynamic in nature. It allows you to determine the access level of an object based on its content. This kind of control is implemented by writing Java logic in the event listeners that are supplied with the WS-AppServer installation. Dynamic access control involves extensive validation of each object in the flow, and may result in reduced performance levels of the application.

Attribute-level access control can be set based on an attribute's properties such as changeability, availability, and its value during runtime. Attribute-level access control is both static and dynamic in nature. The static type of access control is set when the application is being modeled (design-time). This information is applied to the attribute of a particular class. Static attribute access control is implemented by setting the changeability of a particular attribute. The dynamic type of access control is used to set access levels to an attribute of a particular object based on its availability and its value at runtime.

Access control on objects and attributes can be defined either at the server level or at the client level. Access control defined at the server level controls the operations that are carried out on an object and its attributes, whereas access control defined at the client level determines the display of an object on the client interface (UI).

Related reference

Setting Access Control at the Client Level
Setting Access Control at the Server Level
A Quick Reference to Access Control