Set up security

This topic lists a sequence of tasks you typically follow when setting up your initial security in Deployment Automation. Then you administer each security area as needed.

To set up security, perform these tasks in order:

  1. Create Roles

    Create roles and define permissions for the various product areas. For most evaluations, the default roles should be adequate.

    See Role Configuration.

  2. Create Authorization Realms and Groups

    Authorization realms are used by authentication realms to associate users with groups and to determine user access.

    See Authorization realms and groups.

  3. Define Default Permissions

    Set default permissions by product area. You can set default permissions for all users or by group.

    See Set default permissions.

  4. Create Authentication Realms and Add Users

    The authentication realm is used to determine a user's identity within an authorization realm. Add users to appropriate authentication realms. If you configured more than one realm, user authentication is determined according to the hierarchy of realms defined in the Authentication pane. When a user attempts to log in, all realms are polled for matching credentials.

    See Authentication Realms and Users.

  5. Add Users to Groups

    Add members to groups. Users who are members of a specific group inherit the group' permissions.

    See Adding Users to Groups.

  6. Set Role Membership by Product Area

    To further refine the permissions by role, you can give groups and users role membership as follows:

    • For most product areas, set these in the Security tab for each product area and item.
    • In the Administration > Security options, set System Security and UI Security.

      Note: Environment and component security settings can be set at the direct object level and within the applications to which they are associated.

      For component security, no matter whether you set the security on the component level or application component level, the settings are applied everywhere.

      Environment security settings are handled as follows:

      • Upon initial association with an application, the security that is set for the environment is inherited by the application environment.
      • After an environment is associated with an application, if the security is changed directly on the environment, the setting for the application environment is not affected.
      • If the security is changed for the application environment, the setting at the direct environment level is not affected.

      See Set role membership by product area.

Back to top

See also: