Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved


Chapter 4 Configuring Access Control Lists Using the Browser Administration Interface : Configuring ACL Profiles

Configuring ACL Profiles
You can use the Browser Administration Interface to configure ACL profiles for clients. ACL profiles specify which subjects clients are permitted to publish on and subscribe to.
Clients that are are not mapped to specific ACL profiles are denied access to the P-7500 system when the ACL feature is unlocked through the product key.
When you create an ACL profile, you can configure whether you want the default action to be to allow or disallow clients assigned to the ACL profile from publishing on or subscribing to subjects. You can also list specific subjects that you want to be excepted from the default action.
The rules governing what subjects a client can publish and subscribe to are applied when the ACL profile is mapped to the client. See “Configuring Username Service Mappings” on page  62.
Each P-7500 system has a preconfigured ACL profile named "default". The initial configuration of the "default" ACL profile is:
Although you can modify the configuration of the "default" ACL profile, it cannot be deleted.
If you change the default action for a custom ACL profile, any existing subjects that are listed as exceptions are maintained as exceptions, but their behavior becomes the opposite of what it was.
Adding ACL Profiles
To add ACL profiles:
1.
Click ACL Profiles in the left margin of the Browser Administration Interface.
2.
3.
4.
The new ACL profile is listed in the ACL Profiles page. In the Profile Name column, click the ACL profile.
5.
The ACL Profile page for the new ACL profile appears. Click Publish to configure the ACL profile for publishing subjects.
6.
The current default action is listed in the Publish Subject Default Action field. To configure the default action for publishing subjects, click Change Default. The following default actions are possible:
Default Action
7.
8.
The Profile - Add Publish Subject Exception page appears. Type a name for the subject exception in the Subject box, and click Add.
9.
The ACL Profile page for the current ACL profile appears. Click Subscribe to configure the ACL profile for subscribing to subjects.
10.
The current default action is listed in the Subscribe Subject Default Action field. To configure the default action for subscribing to subjects, click Change Default. The following default actions are possible:
Default Action
11.
12.
The Profile - Add Subscribe Subject Exception page appears. Type a name for the publish exception in the Subject box, and click Add.
13.
The ACL Profile page for the current ACL profile appears. The ACL profile is now configured for both publishing on and subscribing to subjects. Click Back to Profiles to return to the ACL Profiles page.
You have completed this procedure.
Removing ACL Profiles
You can use the Browser Administration Interface to remove any ACL profile except the default.
When an ACL profile is removed, any username service mappings for the ACL profile are assigned to the default ACL profile. If a connected client mapped to the profile that is removed, the client’s connection is maintained, but the publish and subscribe permissions for the default ACL profile are immediately applied to the client.
To remove ACL profiles, follow these steps.
1.
Click ACL Profiles in the left margin of the Browser Administration Interface.
2.
3.
A confirmation dialog box appears. Click OK to remove the ACL profile.
You have completed this procedure.

Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved