Process Overview

The table below summarizes the steps CZS could take to create the Sales Domain and configure it to secure their data using user attributes and roles.


Described in…

1. Define a Domain. The CZS business case is met by a Sales Domain that includes the following fields from their JDBC data source: city, state, product department, sales amount, cost amount, and unit sales.

Sales Domain

2. Identify and create access roles. CZS needs two roles: one for managers, and another for sales representatives. Both are granted access to the Sales Domain.


3. Create users and assign appropriate roles to each one.


4. Identify and create attributes that determine each user’s access to data in the Domain. CZS needs two attributes: Cities and ProductDepartment.

User Attributes

5. Prepare to test the security implementation by enabling logging and creating an example report.

Setting Up Logging and Testing

6. Iteratively create, upload, and test an XML file that defines the access granted to users based on the attributes defined in step 4.

Creating a Domain Security File

7. Test the Domain as various users.

Testing and Results