Each user type has a specific security profile type defined within TIBCO Object Service Broker through the Security Manager facility. Additional individuals could have security administrative duties within your operating environment but outside of TIBCO Object Service Broker security. Their security profiles are defined using an external security package.
Each user session is identified by a user ID specified via a user profile. Although a user can have multiple user IDs, only one user ID can be used at session login. Each user is known to a TIBCO Object Service Broker session by the user ID they use at login.
You use the Security Manager to grant others access to your objects. Similarly, other users can grant or restrict your user ID access to their objects. As a user, you are known to the Security Manager as an individual user ID and also as a member of one or more security groups.
A security group is a list of users who require the same access rights or permissions. A user operates out of only one security group at a time. One user normally belongs to several security groups. For example, the USR01 user ID could belong to the groups listed in the following table:
When access is attempted on an object, the Security Manager looks up predefined access permissions for the user ID. This includes the security group that the user ID currently belongs to and the virtual group ALL, to which all user IDs always belong.
Summary of Checks When Accessing Objects contains information on how security clearance is accomplished when you are accessing an object.
Your user profile specifies your default security group (for example, APDEV). If you also work on other projects, you can change this default by specifying another security group to which you belong as your current group. For more information about setting your current group, refer to
Full Name, Phone, Timezone, CURRENT GROUP, and SecAdmin Fields.
If you want to access an object and access is denied, the first person you should contact is your security administrator. You can view your user profile to find out who your administrator is. For information about viewing your user profile, refer to
Accessing a Profile.
The user IDs of normal users are assigned to a security administrator for administration purposes. These user IDs are known as subjects. Security administrators have the following privileges over their subjects:
A system administrator is a user ID with the highest-level security clearance, level 7. This clearance can be given only to a user ID by another system administrator. Because of the absolute control system administrators have on a TIBCO Object Service Broker system, great care must be taken in granting level-7 clearance and in its use.