UpdateAccesscontrol.xml

 

<?xml version="1.0" encoding="UTF-8"?>
<!--
-->

<request
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:noNamespaceSchemaLocation="PortalConfig_1.4.xsd"
    type="update"
    create-oids="true">

    <!-- Sample for setting access control on resources -->
    <portal action="locate">

        <!-- Virtual resources allow you to set access control on all resources of a certain type.
             The following example assigns the administrator privileges on all user groups -->
        <virtual-resource name="USER_GROUPS" action="update">
            <access-control>
                <role actionset="Administrator" update="set">
                    <mapping subjectid="wpsadmin" subjecttype="USER" update="set"/>
                </role>
            </access-control>
        </virtual-resource>

        <!-- Set access control on a portlet - the portlet is  not redeployed.
             The same syntax can be used to set access control on a new deployed portlet -->
       <web-app action="locate" uid="com.ibm.wps.portlets.welcome">
          <portlet-app action="locate" uid="com.ibm.wps.portlets.welcome.1">
              <access-control>
                  <!-- The user role should not automatically propagate to portlets in this application. -->
                  <role-block type="propagation" actionset="User"/>
              </access-control>
               <portlet action="update" active="true" name="Welcome Portlet">
                   <access-control>
                       <!-- Remove all role blocks on this resource. -->
                       <role-block type="none"/>
                       <role actionset="Administrator" update="set">
                           <!-- depending on directory used, the DN must be changed -->
                           <mapping subjectid="uid=wpsadmin,o=default organization" subjecttype="USER" update="set"/>
                       </role>
                       <role actionset="Privileged User" update="set">
                           <mapping subjectid="all authenticated portal users" subjecttype="USER_GROUP" update="set"/>
                       </role>
                       <role actionset="User" update="set">
                           <mapping subjectid="anonymous portal user" subjecttype="USER" update="set"/>
                       </role>
                   </access-control>
               </portlet>
           </portlet-app>
       </web-app>

       <!-- Set access control on a page - the layout of the page is not modified.
            The same syntax can be used to set access control on a new created page. -->
       <content-node action="update" uniquename="ibm.portal.SamplePage">
            <access-control>
                <!-- The manager role should not be inherited automatically from parents of this page.  -->
                <role-block type="inheritance" actionset="Manager"/>
                <!-- The manager role is set explicitly on this page. -->
                <role actionset="Manager" update="set">
                    <mapping subjectid="wpsadmin" subjecttype="USER" update="set"/>
                </role>
                <role actionset="User" update="set">
                    <mapping subjectid="anonymous portal user" subjecttype="USER" update="set"/>
                </role>
            </access-control>
        </content-node>

    </portal>
</request>