Process Invoke Permissions

Former Community Member

Here is my setup.  Assume I have 100 processes.

I've created a role that grants SERVICE_INVOKE permissions.

I've assigned this role to the "All Principals" group.

This was an easy way of granting invoke permissions to all users on all processes.

Now, I want to add process 101.  But, I only want a limited set of users to be able to invoke it.  How do I accomplish this?

Because of the role I created earlier, all principals will get invoke permissions on process 101 by default.  It appears to me that in order to accomplish this I will have to

  1. Remove the SERVICE_INVOKE permission from my role.
  2. Add the "All Principals" principal with INVOKE_PERM permission on each of the 100 processes
  3. Add the limited set of users with INVOKE_PERM to process 101

I didn't see a way of denying "All Principals" invoke permissions on process 101.

1 Reply

Now you need to differentiate between the 1st set of users (who invoke the 100 processes) and the 2nd set (for the newly created process).

Try the following:

1. Create two user groups:

     Group1 (all users except the 2nd set of users), i.e. the 1st set

     Group2 (the 2nd set of users)

2. Remove All Principals from the PROCESS_INVOKE role assignment

3. Assign the PROCESS_INVOKE role to both groups for the 100 processes

4. For Group2, assign the PROCESS_INVOKE role on the 101st process

Will that work out?

Nith
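
The group layout suggested in the reply above, checked against a simplified allow-only permission model. This is an added example, not part of the original thread and not the product's API; the user names, the `process1` to `process101` names and the `*` scope are assumptions made for illustration.

```python
# Simplified model (assumption): grants only allow, nothing can deny,
# so effective access is the union of every matching grant.
ALL = "*"  # scope meaning "every process", like a role-wide grant

def can_invoke(user, process, groups, grants):
    """True if any (group, scope) grant covers this user and process."""
    return any(
        user in groups.get(group, set()) and scope in (ALL, process)
        for group, scope in grants
    )

def invokers(process, groups, grants):
    """Every known user who ends up able to invoke the process."""
    users = set().union(*groups.values())
    return {u for u in users if can_invoke(u, process, groups, grants)}

def unexpected_invokers(process, allowed, groups, grants):
    """Users who can invoke the process but are not on the intended list."""
    return invokers(process, groups, grants) - set(allowed)

# Constructed sample data (hypothetical users and process names).
PROCESSES = [f"process{n}" for n in range(1, 102)]
RESTRICTED = "process101"
ALL_USERS = {"alice", "bob", "carol", "dave"}
LIMITED = {"carol", "dave"}  # the only users meant to invoke process 101

def before():
    """Question's setup: one role-wide invoke grant to All Principals."""
    groups = {"All Principals": ALL_USERS}
    return groups, [("All Principals", ALL)]

def after():
    """Reply's setup: two groups with per-process grants only."""
    groups = {"Group1": ALL_USERS - LIMITED, "Group2": LIMITED}
    grants = [(g, p) for g in ("Group1", "Group2") for p in PROCESSES[:100]]
    grants.append(("Group2", RESTRICTED))
    return groups, grants

if __name__ == "__main__":
    for label, (groups, grants) in (("before", before()), ("after", after())):
        leak = unexpected_invokers(RESTRICTED, LIMITED, groups, grants)
        print(f"{label}: unexpected invokers of {RESTRICTED}: {sorted(leak)}")
```
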