UME Actions / Permissions

Hi,

There is an Action

- <ACTION NAME="Manage_Roles">

<DESCRIPTION LOCALE="en" VALUE="Permission to view, add, modify, and delete UME roles and to assign users and groups to UME roles. Does not apply to portal roles." />

<PERMISSION CLASS="com.sap.security.core.admin.permissions.UMAdminPermissions" NAME="ROLES_VIEW" VALUE="*" />

<PERMISSION CLASS="com.sap.security.core.admin.permissions.UMAdminPermissions" NAME="ROLES_ADD" VALUE="*" />

<PERMISSION CLASS="com.sap.security.core.admin.permissions.UMAdminPermissions" NAME="ROLES_MODIFY" VALUE="*" />

<PERMISSION CLASS="com.sap.security.core.admin.permissions.UMAdminPermissions" NAME="ROLES_DELETE" VALUE="*" />

<PERMISSION CLASS="com.sap.security.core.admin.permissions.UMAdminPermissions" NAME="ROLES_ASSIGN" VALUE="*" />

</ACTION>

I am trying to restrict the extend of the Manage Roles action to only certain roles which have the names starting with "SAM_XXX". I thought I could just assign VALUE="SAM*" but apparently it didn't work. So I am wondering if anyone knows what the VALUE parameter is used for.

Thanks.