IBM Web Content Manager Roles & Permissions | OpsBlu Docs

IBM WCM access control -- library access, authoring roles, syndication permissions, and WebSphere Portal integration.

IBM Web Content Manager (WCM), part of HCL Digital Experience (formerly IBM WebSphere Portal), uses a comprehensive access control system integrated with WebSphere's security framework.

WCM Access Control Layers

WCM permissions operate at multiple layers:

  1. Portal Access Control -- Controls who can access the portal and its pages
  2. WCM Library Access -- Controls who can access content libraries
  3. WCM Item Access -- Controls who can perform actions on individual content items
  4. Authoring Portlet Access -- Controls who can use the WCM authoring tools

Built-in Roles

Role         View Content  Create Items  Edit Items  Approve  Delete  Manage Library  Admin
-----------  ------------  ------------  ----------  -------  ------  --------------  -----
Admin        Yes           Yes           Yes         Yes      Yes     Yes             Yes
Manager      Yes           Yes           Yes         Yes      Yes     Yes             No
Editor       Yes           Yes           Yes         No       No      No              No
Contributor  Yes           Yes (drafts)  Own only    No       No      No              No
Reviewer     Yes           No            No          Yes      No      No              No
User         Yes           No            No          No       No      No              No

Workflow Integration

WCM integrates with workflow stages:

<!-- WCM Workflow definition (XML export format) -->
<workflow name="AnalyticsContentWorkflow">
  <stage name="Draft">
    <action type="approve" role="Editor"/>
    <action type="reject" role="Editor"/>
  </stage>
  <stage name="Review">
    <action type="approve" role="Reviewer"/>
    <action type="reject" role="Reviewer"/>
  </stage>
  <stage name="Published">
    <action type="expire" role="Manager"/>
  </stage>
</workflow>
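
The following audit is an added example, not code from the original page or from IBM/HCL. It reads a workflow definition in the format shown above and checks each action's role against the Approve column of the Built-in Roles table. The mapping of approve/reject actions to that column, and the names audit_workflow, APPROVE and NEEDS_APPROVE, are assumptions.

```python
import xml.etree.ElementTree as ET

# "Approve" column of the Built-in Roles table above.
APPROVE = {"Admin": True, "Manager": True, "Editor": False,
           "Contributor": False, "Reviewer": True, "User": False}

# Assumption: these workflow action types need the Approve permission.
NEEDS_APPROVE = {"approve", "reject"}

# Constructed sample: the workflow definition shown above.
SAMPLE = """<workflow name="AnalyticsContentWorkflow">
  <stage name="Draft">
    <action type="approve" role="Editor"/>
    <action type="reject" role="Editor"/>
  </stage>
  <stage name="Review">
    <action type="approve" role="Reviewer"/>
    <action type="reject" role="Reviewer"/>
  </stage>
  <stage name="Published">
    <action type="expire" role="Manager"/>
  </stage>
</workflow>"""


def audit_workflow(xml_text):
    """Return (stage, action, role, reason) tuples that need review.

    The export is treated as trusted input from your own WCM instance.
    """
    findings = []
    root = ET.fromstring(xml_text)
    for stage in root.iter("stage"):
        for action in stage.iter("action"):
            kind = action.get("type", "")
            role = action.get("role", "")
            where = (stage.get("name", "?"), kind, role)
            if role not in APPROVE:
                # Roles outside the matrix cannot be reasoned about.
                findings.append(where + ("unknown role",))
            elif kind in NEEDS_APPROVE and not APPROVE[role]:
                findings.append(where + ("role lacks Approve",))
            elif kind not in NEEDS_APPROVE:
                # Do not guess a mapping; surface it for manual review.
                findings.append(where + ("unmapped action type",))
    return findings


if __name__ == "__main__":
    for finding in audit_workflow(SAMPLE):
        print("%s: %s by %s -> %s" % finding)
```

Run against the sample, it flags both Draft-stage actions, because the table gives Editor no Approve permission, and lists the expire action for manual review.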

Analytics-Relevant Permissions

Adding analytics scripts requires Portal Admin access to modify theme templates:

<%-- WebSphere Portal Theme: theme.html or Default.jsp --%>
<%-- Add to <head> section of the portal theme --%>
<script async src="https://www.googletagmanager.com/gtag/js?id=G-XXXXXXXXXX"></script>
<script>
  window.dataLayer = window.dataLayer || [];
  function gtag(){dataLayer.push(arguments);}
  gtag('js', new Date());
  gtag('config', 'G-XXXXXXXXXX');
</script>

LDAP Integration

WCM uses WebSphere's federated repository for user management, typically connected to enterprise LDAP/Active Directory.

Best Practices

  1. Use WCM libraries to isolate content areas and assign library-level permissions
  2. Implement workflow stages for content approval rather than giving Editor direct publish access
  3. Use the Reviewer role for stakeholders who need to approve but not edit content
  4. Portal theme modifications (for analytics) require Portal Admin access -- keep this restricted
  5. Leverage WebSphere's LDAP federation for centralized user management