A user name may belong to several authorization groups (also known as
roles). The following table specifies authorization group requirements. Configure authorization groups either in the JAAS file or the flat file of the authentication service.
When using a JAAS authorization service, the name of the JAAS realm
must be
tibftlserver.
Authorization Groups
Authorization Group
Usage
ftl
FTL servers require client programs to authenticate with user names in the authorization group
ftl.
ftl-admin
Authenticated users in the authorization group
ftl-admin can execute administrative operations, modify the realm definition, and view monitoring pages.
ftl-guest
Authenticated users in the authorization group
ftl-guest can view realm definition and monitoring pages. However, they cannot execute administrative operations nor modify the realm definition.
ftl-internal
FTL servers require affiliated FTL servers to authenticate with a user name in the authorization group
ftl-internal.
Note: As of Release 6.0, the authorization groups
ftl-primary,
ftl-satellite,
ftl-backup,
ftl-dr are obsolete. For each of these, use
ftl-internal instead.
