Turning Access Control On Off by Editing XML

You can modify the XML to turn access control on or off. The XML can be modified via the XML editor in the Configuration Administrator (for deployed applications) or directly in the userAccess.xml file on the file system (for non-deployed applications)

Access control can be turned on or off using the following record/attribute in the application’s userAccess.xml file:

<record jsxid="UserAccess" useAccessDefaults="true">
  • If the useAccessDefaults attribute is set to "true" (the default), access for all users is controlled using a list of default access permissions specified in the <AccessDefaults/> element in the userAccess.xml file—that is, user access sets are not used to control user access (system actions still override access permissions given by the default user access controls).
  • If the useAccessDefaults attribute is set to “false”, the application determines each user’s access authority by looking at the privileges that that user possesses. It then looks in the userAccess.xml file to determine which user access sets contain those privileges. The user is given access to the functions listed in every user access set in which his privileges are listed.

By default, the <AccessDefaults/> element includes <access/> entries for all available functions:

<AccessDefaults>
   <!--<access name="StartInstance"/>-->
<access name="DataView">
   <access name="NewView"/>
    <access name="EditView"/>
    <access name="RemoveView"/>
    <access name="NewCategory"/>
    <access name="DataViewList">
       <access name="PageSize"/>
       <access name="DataViewResults">
          <access name="GlobalDataPreview"/>
          <access name="WorkItems"/>
          <access name="ProcessInstances"/>
          <access name="EventViewer"/>
         .
         .
         .

You can customize the <AccessDefaults/> element as needed:

  • include <access/> elements for each function to which you want all users to have access.
  • remove, or comment out, all <access/> elements for the functions to which you do not want users to have access.

For a description of all of the available functions, see Available Functions.