Select to view content in your preferred language

Securing folders/services by roles

671
4
01-10-2013 08:35 PM
Status: Open
MasaakiABE
Esri Contributor

By specfication and according to the following page, users who have Publisher's role have access to all services and folders within the ArcGIS Server site.

"When a role has its role type set to Administrator or Publisher, members of that role will have implicit permission to access all services hosted on an ArcGIS Server site. This implicit permission cannot be overridden by changing the permissions on a service or folder. "
http://resources.arcgis.com/en/help/main/10.1/index.html#/na/0154000005qw000000/


That means, Publishers can stop or delete any services hosted on the site.

For example, if one organization is using ArcGIS 10.1 for Server and wants to manage map services by departments, the OOTB ArcGIS Server does not have the capability to hide folders and services from publishers.


Another exapmple:If I have the below configuration, both User A and B have access to both Service A and B.
                              It'd be nice if User A can only see the Folder/Service A and not being able to from User B.

ArcGIS Server site
   -Folder A
       -Service A
   ==> Set permission as follows
          -Role A
              -User A(publisher)

   -Folder B
       -Service B
   ==> Set permission as follows
          -Role A
          -User A(publisher)

Tags (2)
4 Comments
MasaakiABE
mistake in the B part

ArcGIS Server site
-Folder A
-Service A
==> Set permission as follows
-Role A
-User A(publisher)

-Folder B
-Service B
==> Set permission as follows
-Role B
-User B(publisher)
AndrewPratt
I agree. Publishers should be limited to only add/del/mod their own services not globally like Admins.
StuartFletcher1
Would make managing ArcGIS server sites accross lrage organisation much easier.
SeanTucker1
Idea ..
At a minimum
A publisher could make his published service either Private or Public Authored.
- Private Authored only permits the Publisher to alter his service.
- Public Authored allows other Publishers to alter his service.