A script-enabled browser is required for this page to function properly
Oracle WebCenter Framework
site map
technical illustration to match text
Secure Applications, Portals, and Communities

When building a custom portal using Oracle WebCenter Framework, the portal can be developed to enable "Delegated Administration" capabilities at runtime, such that runtime evolution of the portal can be assigned and managed across different users or groups of users.

With the Oracle ADF extensions provided in Oracle WebCenter Framework, you can define security for an entire application or portal, any page within the application or portal, or individual actions provided by different components. The ADF Security Wizard helps you to easily configure security for your Oracle WebCenter application. Additionally, you can use WS-Security to secure identity propagation for the WebCenter Services and WSRP producers.

Since Oracle WebCenter security is based on the JAAS and Java EE standards, enterprise roles that are defined in an existing identity management store can be leveraged directly when securing an Oracle WebCenter application or portal. You do not need to synchronize roles within the application or portal that you are building; instead, the application references and uses defined users and roles directly. Additionally, you can use file-based security during the development phase of your portal or application, and then easily switch over to enterprise identity management during the deployment phase.

Many applications manage their users and passwords directly and have not been integrated into a single sign-on architecture. As a result, users are forced to remember their various user names and passwords for several different applications. Because you can leverage existing applications that have their own authentication mechanism—such as e-mail—you can use Oracle WebCenter Framework's external application features to map user names from your application to the existing applications. By leveraging Oracle's Credential Store, the disparate user names and passwords can be stored securely so that your end users can provide a single sign-on to access all of their needed applications.