13.6 OracleAS Portal Security

OracleAS Portal allows you to assign security to items and pages based on user identity. When a user enters an OracleAS Portal site, he typically logs in, although a site can also accept anonymous users. OracleAS Portal security uses the OracleAS Single Sign-On and Oracle Internet Directory facilities built into Oracle Application Server and described in Chapter 4.

OracleAS Portal supports security for both individual users and groups of users. You can define groups of users through the OracleAS Portal administration interface.

For each user or group , you assign one of several security levels, including:

• The ability to completely manage the page, which allows a user to perform any action on the page

• The ability to manage content on the page, with or without an approval process

• The ability to customize portlets on the page

• The ability to customize styles applied to the page

• The ability to view only the page

Each item can have security restrictions attached to it if you have enabled item security for its page. You can have every item on a page or tab inherit the security restriction of the page or tab. Alternatively, you can allow the person contributing the item to assign a specific security level to it. As with styles, you can assign access privileges in a page template and force those security privileges to be assigned to all pages that use the template.

Portlets also have access rights. By default, a portlet inherits its security settings from its provider, but you can assign specific rights to any individual portlet.