Can we put this one to bed once and for all?
Will an entry in the custom SecurityContext file for resource/action combination that exists in the default SecurityContext file override the associated privilege. For example, if Business Source : Business Owner grants Manage by default but we want to override that privilege to View.
I have seen assorted comments/posts/etc. on here - some of which say that the custom entry WILL override the default one ..... and some of which say that it won't.
Someone out there must know the definitive answer !! I thought it did, now I'm not so sure.
Then ... if the answer is "No, it won't" - how are we supposed to downgrade privileges for OOTB default roles such as Application Owner?
Frank Schubert Boris Lekumovich Tim Willemstein Edwin Mullie
Today the custom security context file just appends to the default security context file. If you wish to change the default security context file you can but that would imply you need to redeploy the ear file with the new default security context file. How to redeploy the ear file is covered in the product documentation (install guide or the upgrade / migration guide). Ideally you do not modify the OOTB permissions and just supplement them.
Be aware that when doing upgrades / patches you have to redeploy the ear file with your default security context file!