Authorizing for roles |
In addition to supporting authorization of service instances, SuperMap iServer also supports permissions editing for specified roles, including authorization/disablement of service access and authorization/disablement of service management functions.
After logging in to the Web Manager of the service management server, click the Security and Roles tabs in turn, and select the role to be edited to view and edit the permission information of the current role.
On the role editing page, you can see the service authorization information, including the list of services authorized by the current role, the services that all users can access, and the services that the current role is prohibited from accessing. Click Modify on the right to open the Modify Service Access Permission dialog box to modify the services that the current role is authorized to access or prohibited to access.
The forbidden priority policy is used for the services that are forbidden to access, that is, as long as the service is checked in the list of services that are forbidden to access, the role cannot be accessed.
After modifying the authorization information, you need to click the " Save " button at the bottom of the page to make the modification effective.
Administrators can grant other roles permissions to manage iServer service instance and manage server systems. The authorization operation of the management function can be realized through the role editing page.
The permissions of service management include the management permissions of the service publish service, each service instance, and the service providers, components, and interfaces that constitute the service instance.
The built-in default role PUBLISHER has permissions on the publish services instance, including publish services ervice instance and creating service providers, service components, and service interfaces. In addition to the service publishing permission, the publisher of a certain service instance has the modify and delete permissions of the current service instance by default. In addition, PUBLISHER also have permission to view the log, but not to modify the log configuration.
On the editing page of the role, you can see the list of service instances that can be managed by the current role. Of course, it also includes the management of the providers, components, and interfaces of these service instances. Click Modify on the right to modify the list of service instances that can be managed by the current role.
After modifying the authorization information, you need to click the " Save " button at the bottom of the page to make the modification effective.
The permission list of the system management function includes: