Chapter 4. Roles and Users

4.1. Defining Roles

Before starting the server and logging onto Business Central, you will need to create some user accounts. This section describes the different user roles that are used in Red Hat JBoss BPM Suite:

  • admin: The users with admin role are the administrators of the application. Administrators can manage users, manage the repositories (create and clone), and have full access to make the required changes in the application. Admins have access to all areas within the system.
  • developer: A developer has access to almost all features and can manage rules, models, process flows, forms, and dashboards. They can manage the asset repository, they can create, build and deploy projects and they can even use Red Hat JBoss Developer Studio to view processes. Only certain administrative functions like creating and cloning a new repository are hidden for the developer role.
  • analyst: An analyst role has access to all high-level features to model and execute their projects. However, AuthoringAdministration access is unavailable to users with the analyst role. Certain lower-level features targeted towards developers, like the DeploymentArtifact Repository view are not accessible for this role. However, the Build & Deploy button is available for the analyst role while using the Project Editor.
  • user: User or a business user work on the business task lists that are used to operate a certain process. A user with this role can access the dashboard and manage processes.
  • manager: A manager is a viewer of the system and is interested in statistics around the business processes and their performance, business indicators, and other reporting of the system. A user with this role has access to the BAM only.

Enter the above mentioned roles during the user creation process.

4.2. Creating Users

To start adding new users, you will need to run the script on a Unix system or the add-user.bat file on a Windows system from the EAP bin directory.

Procedure: Creating New Users

  1. Go to the EAP bin directory.
  2. On a Unix system, run the following command:


    On a Windows system, run:

  3. Enter b to select the application user and press Enter.
  4. Accept the default realm (ApplicationRealm) by pressing Enter.
  5. At the user name prompt, enter the user name and confirm. For example: helloworlduser.


    Make sure that the selected user name does not conflict with any known title of a role or a group.

    For example, if there is a role called admin, you should not create a user with the user name admin.

  6. Create the user password at the password prompt and reenter the password. For example: Helloworld@123.


    The password should be at least 8 characters in length and should contain upper and lower case alphabetic characters (A-Z, a-z), at least one numerical character (0-9) and at least one special character (for example ~ ! @ # $ % ^ * ( ) - _ + =).

  7. Enter a comma-separated list of roles the user will need at the roles prompt (see Section 4.1, “Defining Roles”).

    Note that Business Central users need to have at least the analyst role, while the Dashboard Builder users need to have the admin role assigned. Roles should be entered as a comma-separated list.

  8. Confirm that you want to add the user.
  9. Enter yes at the next prompt to enable clustering in the future.