Security for the manager depends upon the environment from which you launch the manager. When you deploy the manager to an application server, security for the manager depends upon the security settings of the application server. When you launch the manager from the designer, you can run, publish, or export any service within the designer workspace to any available registry.
When you deploy the manager to an application server, use the application server to set up user authentication for the manager. The manager can use any authentication method that is supported by the application server. Regardless of the authentication method that you use on the application server, you must use the roles that are supported by the manager.