Types of authority
This topic discusses the types of authority that can be authorized and used on the server.
Your system provides different types of authorities for users. Authority means the type of access allowed to an object. Different operations require different types of authority. For example, you might have the authority to view information or to change information about the system. The system provides several different authority types. IBM groups these authority types into categories, called system-defined authorities and special authorities.
- Object Authority
- Defines what operations can be performed on the object as a whole.
- Data Authority
- Defines what operations can be performed on the contents of the object.
- Field Authority
- defines what operations can be performed on the data fields.
Special authority is used to specify the types of actions that a user can perform on system resources. A user can be given one or more special authorities. The system security level determines what the default special authorities are for each user class. When you create a user profile, you can select special authorities based on the user class. Special authorities are also added and removed from user profiles when you change security levels.
For more information about setting up resource authority, see How the
system checks authority
in Chapter 5 of the IBM i Security
reference.