Hi ,
Requirement say, when application owner logs in they can able to collect the Accounts and Entitlements to their respective application. But we don't want to give collection privileges to application owner.
I could see the SecurityContext.csv file have all permissions. Do you have any idea where I can make a changes to reflect it.
Your help would be much appreciated.
Regards,
Hemanth
I happened to stumble across these videos shortly after posting above:
https://community.rsa.com/videos/21457
https://community.rsa.com/videos/21458
Hi William May
Thanks for sharing the wonderful video. However still wondering where to edit the changes like should I be edited under Application level or Account Collector level or user level.
Regards,
Hemanth
Hi Venkata Ramana Reddy Kanaparthy
Could you please help on the above requirement.
Thanks in advance
Regards,
Hemanth
Some default entitlements are defined in the SecurityContext.csv file and they can not be removed. Application owner is one of them. All application business owners get the required privilege with which one can run the collections for that application.
Only option i see is to set your application owner to some custom user attribute and then grant required privileges to that user using custom security file upload as explained in videos. However, if you grant anything equal to or higher than Application->Edit privilege to the user, he will be able to run collection on that application. With this, you can only be granting Application->View privilege to that user if you don't want him to run collection on that application.
I know you can make alterations to the privileges by uploading a SecurityContext.csv file in Admin-> User Interface -> Files -> Security Files. Which version are you on? In 6.9.1, If you navigate to this page and click help, you'll get a lot of useful info.