HATS administrative console roles

HATS administrative console is bound to WebSphere® security. This means that when WebSphere® Application Server security is enabled, your system administrators must have proper authentication to perform HATS administrative tasks. The security functions used by HATS are based on the Java EE form-based authentication process. When WebSphere® Application Server security is enabled, HATS administrative console operations are restricted based on the role defined for a user ID. There are three roles defined for use of the HATS administrative console. Each role has different capabilities.

HATSAdministrator
This role has full administration capability, able to do all of the following tasks:
  • Manage license information
  • Select the scope of management
  • View active connections, connection pools, connection pool definitions, user lists, and logs
  • Terminate active connections
  • View log and trace files
  • Set log and trace options
  • View potentially sensitive data by seeing the display terminal, change the trace settings, terminate existing connections, and download trace files.
By default, the HATSAdministrator role is mapped to All Authenticated users.
HATSOperator
This role is equivalent to the HATSAdministrator role, but cannot access potentially sensitive data. A user with this role cannot enable display terminal tracing, nor download trace files.
HATSMonitor
This role only allows the user to view non-sensitive data, such as active connections, connection pools, user lists, and logs. A user with this role cannot change any settings, such as license management settings, log and trace file options, display terminal settings, nor download trace files.
The mapping of roles to users or groups of users is performed using the WebSphere® administrative console.

For WebSphere® Application Server V6.x, ensure the All Authenticated option on the Map security roles to users/groups panel is checked for the appropriate HATS role. For WebSphere® Application Server V7.x and V8.x, ensure the All Authenticated in Application Realm option is selected using the Map Special Subjects drop-down on the Map security roles to users/groups panel for the appropriate HATS role.