Turning Access Control On and Off

The use of user access sets and privileges to control access in the application can be turned on or off.

  • If access control is turned on, the application determines each user’s access authority by looking at the privileges that that user possesses. It then looks in the userAccess.xml file to determine which user access sets contain those privileges. The user is given access to the functions listed in every user access set in which his privileges are listed.
  • If access control is turned off, access for all users is controlled using a list of default access permissions specified in the <AccessDefaults/> element in the userAccess.xml file—that is, user access sets are not used to control user access. This provides a means of controlling access for all users without regard to privileges possessed by individual users (although system actions are still enforced, even if the default user access controls are used).

The way in which you turn access control on or off depends on whether you are using the graphical editor in the Configuration Administrator, or modifying XML.