WebSphere Portal Security
来源:互联网 发布:淘宝千禧银楼是真的吗 编辑:程序博客网 时间:2024/05/22 00:08
Initial Access Control Settings
When you install portal server,the installation program will ask you for administrative user name.That user will become administrator of the portal. In addition to thatthe installation program will also create administrative group usuallywpsadmins that group will get Administrative role on the portal.
This is set of permissions that portal installation program will assign
- Administrative User: Gets unlimited access on all resources
- Administrative Group(wpsadmins): Same as that of administrative user
- All Authenticated Portal User:Gets User or Privileged User rights on preinstalled portlets and someof the pages that get created as part of install process
- Anonymous Portal User: Gets User rights on public pages such as login, selfcare, sitemap,..
Take a look at Initial Access Control Settings for further information on what all rights are assigned to various user/groups during portal install
Virtual Users and Groups
The portal supports predefined virtual users and groups that allow foraccess control configuration that applies to abstract sets of users.These virtual users and groups are not stored in the user registry.They only exist within the access control context. You cannot changegroup membership or other attributes of these virtual users and groups
- Anonymous Portal User:This virtual user models a portal user who has not yet logged into theportal. Assigning roles to this user on a resource allows access tothis resource prior to authentication to the portal server.This isuseful for creating public welcome pages. The Anonymous Portal User isnot considered to be a member of any group within the portal.On pagesand their virtual resource parents CONTENT_NODES and PORTAL, you canonly assign the Anonymous Portal User to the User role type
- All Authenticated Portal Users: This virtual user groupmodels the set of all users who are known by the portal. Aftersuccessfully logging in to the portal, users lose the Anonymous Portal User identityand become authenticated members of the All Authenticated Portal Usersvirtual user group. Roles assigned to this user group allowestablishment of permissions that will apply to all authenticated usersand thus support setting up the default privileges for authenticatedportal access.
- All Portal User Groups:This virtual user group contains all non-virtual user groups.
Delegated Administrative Policy
An administrator is a user who is authorized to modify the accesscontrol configuration by changing role assignments and creating ordeleting role blocks. When you install portal or create new VP, you setan administrator user, who becomes the domain administrator and canadmister all the resources in that domain.
WebSphere Portal also supports delegated administration, what that means is Portal Admin can give certain access rights to other user and that user can pass some of his user rights to other administrator. Take a look at this diagram.The wpsadmin is portal administrator, so he can assign say Editor orPrivleged User role to Sunil for particular page in Asia Marketingteam. He can also delegate administrative rights for Marketing team toMark and then mark would be able to assign rights to Sunil forparticular page or he can pass the Admin rights for pages under AsiaMarketing to James and James would be able to assign the appropriateuser Rights to Sunil.
WebSpherePortal has delegated administration policy that determines how usersare permitted to delegate their privileges to other users or groups.The general policy for creating or deleting role assignment is asfollows. A user Mark/marketingadmin can assign a Editor role to Sunilonly in one of the following cases are met
- Mark has the Administrator@Portal or Security Administrator@Portal role. That means he is the super admin for portal.
- SinceMark is not super admin, he can assign Editor Role to sunil on one ofthe Marketing Portal pages only if all of the following conditions aremet
- Mark has the Security Administrator@Markeing Page or Administrator@Marketing Page role
- Mark has atleast Editor@Marketing Page role.
- Markhas the Delegator@Sunil, Security Administrator@Sunil orAdministrator@Sunil role. Its better to createasiamarketingusers/marketinguser group and assign admin rights to Markon that group
- WebSphere Portal Security
- WebSphere Portal 6.0 Security 设置的一个小经验
- websphere portal
- websphere security
- WebSphere Portal Portlet API
- WebSphere Portal Portlet API
- WebSphere Portal portlet开发
- WebSphere Portal api
- WebSphere Portal 编写 portlet
- WebSphere Portal 新手入门
- WebSphere Portal 新手入门
- websphere portal语言切换
- Websphere Portal 6.1 installation
- Dojo and WebSphere Portal
- Customizing Websphere Portal themes
- Customizing WebSphere Portal
- Websphere portal uninstall mannually.
- IBM WebSphere Portal downloads
- Test iPhone Client
- 线性表操作
- commons-beanutils-1.6.0.jar带来的问题!
- 一个简洁的Win32程序框架
- 本机IP读写
- WebSphere Portal Security
- 一道编程题
- Linux下文件夹操作常用命令
- 你真的知道一个HTML及资源是如何load的吗(了解各个部分是何时下载和执行的)
- 利用SQL语句得到客户端的IP地址
- find命令初探
- 如何把flash.exe转换成家用DVD可以播放的MPG格式
- OOP
- 咋把"06May09"搞到"yyyy-MM-dd"