ON THIS PAGE
About the Roles Page
You are here: Device Administration > Users & Roles > Roles.
J-Web supports users’ authentication and authorization based on their roles. When root, tenant, or logical-system users log in to J-Web, their roles and access permissions determine the J-Web menus they can access and the tasks they can perform. For logical system and tenant users, the J-Web UI does not display menus for the restricted features.
Table 1 lists the details of the user role type, role scope, and access privilages.
User Details | Description |
---|---|
Role Type | |
Predefined roles |
System-defined roles with a set of predefined access privileges assigned to a user to perform tasks within the J-Web UI. During Junos OS installation, predefined roles (super-user) are generated in the system. Note:
A device-read-only role is a J-Web specific read-only predefined role. User with this role assigned can only view all the device details in the J-Web UI. |
Custom roles |
Customized (user-defined) roles with a set of access privileges assigned to a user to perform tasks within the J-Web UI. This includes the J-Web UI main menu and first-level sub-menu items (for example, Monitor, Device Administration, and Commit Configuration). Note:
|
Role Scope—A role scope defines the
capabilities of the user. Note:
The role scope option is only available on the SRX Series Firewalls that support multi-tenancy. |
|
Default |
Users who are assigned with this role scope can view, configure, and manage root logical systems. |
Tenant |
Users who are assigned with this role scope view, configure, and manage tenant system. |
Logical System |
Users who are assigned with this role scope view, configure, and manage logical system. |
Access Privileges—A user role can be assigned with the access privileges and actions to access J-Web UI menus and sub-menus. | |
Full access |
Users can perform all the menu actions. |
Read-only access |
Users have view-only permissions for the respective menus. |
No access |
Users do not have permission to perform the action. |
Tasks You Can Perform
You can perform the following tasks from the Roles page:
-
Associate a role to users. To do this, click Users link available below the Roles page title to directly navigate to the Users page. Then, click + to add a new user with a role or select the existing user and click the pencil icon to modify the role. For more information, see Create a User.
-
View the details of a role. To do this, select an existing role and follow the available options:
-
Click More and select Detailed View.
-
Right-click on the selected role and select Detailed View.
-
Hover over to the left of the selected role name and click the Detailed View icon.
-
Create a role. See Create a Role.
Edit a role. See Edit a Role.
Delete a role. See Delete a Role.
-
Show or hide columns in the Roles table. To do this, click the Show Hide Columns icon in the top right corner of the Roles table. Then, select the options you want to view or clear the options you want to hide on the page.
-
Advance search for roles. To do this, use the search text box present above the table grid. The search includes the logical operators as part of the filter string. In the search text box, when you hover over the icon, it displays an example filter condition. When you start entering the search string, the icon indicates whether the filter string is valid or not.
Note:You can search only by role name.
For an advanced search:
-
Enter the search string in the text box.
-
Select a value from the list and then select a valid operator based on which you want to perform the advanced search operation.
Note:Press Spacebar to add an AND operator or OR operator to the search string. Press backspace at any point of time while entering a search criteria, only one character is deleted.
-
Press Enter to display the search results in the grid.
-
Field Descriptions
Table 2 describes the fields on the Roles page.
Field |
Action |
---|---|
Name |
Displays the name of the role. |
Role Scope |
Displays the role scope. For example, Default, Tenant:<tenant-name>, and Logical System:<logical-system name>. Note:
This option is only available on the SRX Series Firewalls that support multi-tenancy. |
Predefined/Custom |
Displays whether the role is a predefined role or a custom role. |