RBAC and CA AppLogic® User Interfaces

RBAC impacts all operations performed through any of the CA AppLogic® user interfaces. Note the following:

All user operations are authorized prior to execution.
Portions of the client-facing GUI are enabled or disabled based on user authorization checks. There is Security tab on the application configuration dialog which allows the application ACL to be edited.
Access to the controller web proxy is authorized, for example, to monitor an application.
There are CLI commands for managing users, groups, and object ACLs.
All Web API operations are remotely executed using SSH on the grid controller and are therefore authorized according to the user whose key is used when setting up the Web API.