Using Windows Authentication Security - trillium_discovery - trillium_quality - 17.1

Trillium Control Center

Product type
Software
Portfolio
Verify
Product family
Trillium
Product
Trillium > Trillium Discovery
Trillium > Trillium Quality
Version
17.1
Language
English
Product name
Trillium Quality and Discovery
Title
Trillium Control Center
Topic type
Administration
Overview
How Do I
Configuration
Reference
Installation
First publish date
2008

If Windows authentication is used, a user can be allowed or denied permission to read, create, edit, execute, delete, and export a project, entity, business rule, or Business Rules Library object in a repository. If you have the appropriate permission privileges, you can extend or limit another user's permissions on an object, add users to the object, and change the object owner.

Caution: There is no source control for repository objects. They cannot be checked out or checked in and more than one user may work on an object at a time. Therefore, care must be taken when multiple Trillium users with the same level of permissions, sharing the same objects, concurrently access the same repository. Be aware of user permission levels and plan your work accordingly so that work is not overwritten or lost.

For example, suppose you created a project but you are still tuning it and do not want another user to run it at this point. You can block access to the project until you are satisfied with it, and then restore access.

Guidelines

Note the following when setting security permissions in the Control Center:

  • If the permissions set at the object level are different from those set at the repository level, the most restrictive permission applies. For example, if the Trillium repository administrator granted you permission to modify any project in a repository, but the owner of a particular project denied you (or a group of which you are a member) permission to modify it, then the deny privilege is the one that the Control Center recognizes.
  • Security is available for all objects in the Business Rules Library, including business rules, attributes, entities, and the top-level Entity Business Rules and Attribute Business Rules folders.
Note: Security in the Library does not extend to objects in the Projects, Ignore Words, and Word Definitions folders.
  • By default, permissions are based on the hierarchy of objects in the Navigation View. For example, the permission for a library entity business rule is inherited from its parent library entity, which in turn inherits permission from the Entity Business Rules entity folder.

Changing the permissions of a parent object affects all child objects. For example, if permission is modified on an entity, then permissions on all business rules associated with that entity also change.

To view and modify permissions for a repository object

  1. In the Control Center Navigation View, right-click an entity, project, business rule, or Business Rule Library object and select Security. A security window opens, listing all users and user groups with access to the selected repository object.
    Note: The Security option is dimmed if you do not have the permissions privilege.
  2. From the Group or user names list, select the user or group whose permissions you want change.
  3. In the Permissions for username section, click the Allow or Deny check boxes for each option.
  4. Repeat Steps 2 and 3 as necessary.
  5. (Optional) To add a user or group to the object:
    1. Click Add. The Select Users... window opens.
    2. In the text field, enter a Windows-Authenticated name. Click Check Names if necessary to display the full domain name for the user/group .
    3. Click OK. The name is added to the Group or user names list. By default, a newly added user has only Read permissions.
    4. Select the user name and click the Allow and Deny check box for permission options as needed.
    5. To deny access to a user who belongs to a group that has permissions to the current repository, add the user name to the Group or user names list, then click the Deny check boxes for that user.
  6. (Optional) To change the owner of the object:
    1. Click Advanced. The Advanced Security Settings window opens.
    2. Click the Owner tab. The current owner is listed. (To see documentation about using the Owner tab, click Learn about object ownership.)
    3. In the Change owner to field, select a user name or click Other users or groups to add names and groups to this list.
    4. Click Apply. The new user or group is displayed in the Current owner field.
    5. Click OK.
  7. Click OK. The changes you make will apply only to the object you selected in Step 1.