3 Getting Started with Oracle Authorization Policy Manager

Oracle Authorization Policy Manager user interface uses the following general operational principle: first the administrator identifies a security object (by browsing or searching), and then, once the object has been selected, he chooses one of the operations available on it.

This chapter describes the major tabs, the navigation panel, how to use the navigation panel to carry out simple queries on various artifacts, the online help system, and some frequent uses of Authorization Policy Manager.

This information is presented in the following sections:

3.1 The Two Major Tabs

Authorization Policy Manager contains the following three major tabs:

3.1.1 The Authorization Management Tab

The Authorization Management tab is used to search and maintain security artifacts. For details, see Chapter 4, "Querying Security Artifacts," and Chapter 5, "Managing Security Artifacts."

3.1.2 The System Configuration Tab

The System Configuration tab is used to specify delegated administrators, that is, to define the external roles that can manage a prescribed set of applications. For details, see Chapter 6, "Delegated Administration."

3.2 The Welcome Page

Upon a successful log in, Authorization Policy Manager displays the Welcome page, partially illustrated in Figure 3-1. This page contains is divided into the following areas:

  • The APM Resource Center area contains links to some of the most commonly used procedures, including how to get started; configuring application access (or how to define the map between application roles and external roles), an application policy, delegated administration; and how to navigate through the tool UI.

  • The Global area contains links to procedures that pertain artifacts shared across all applications, including searching external roles.

  • The Applications area contains, at the top, a pull-down listing the application stripes in the policy store used to select the stripe to manage. This area also contains links to procedures, including searching and creating entitlements, resources, resource types, application roles, and application policies.

Figure 3-1 The Welcome Page

Surrounding text describes Figure 3-1 .

3.3 The Navigation Panel

The navigation panel help users finding security artifacts by browsing or searching. For details about using the navigation panel to search, see Finding Artifacts with a Simple Search.

The navigation panel, partially illustrated in Figure 3-2, is a collapsible and expandable panel that contains, from top to bottom, the following UI gadgets:

  • A pull-down list to select the scope of a simple search. The scope can be global or specific to a selected application stripe.

  • A pull-down list to select the artifact to query with a simple search. When the search scope is global, the list shows global artifacts; when specific to an application stripe, it shows application policy artifacts.

  • A text box to enter a string that the simple search should match. The string you enter is compared against the name and display name of security artifacts, and those that match are displayed in the Search Results tab.

  • The Browse tab, which displays the following expandable and collapsible hierarchy of nodes:

    • The Global node, from where to access global artifacts such as external roles.

    • One node per application stripe and to which the logged in user has access. Note that the list of applications shown depends on the logged in user. For details, see Chapter 6, "Delegated Administration."

      From any of these nodes, one can access application-specific artifacts such as resource types, entitlements, resources, policies, and the role category.


      As mentioned above, each node in the hierarchy identifies a application stripe in the domain policy store. Several applications can share a logical stripe.

      Typically, each J2EE/ADF or J2SE application has its own application stripe which is not shared with any other applications; but when several applications make up a larger logical application, then an application stripe can be shared by those applications members of the larger one.

  • The Search Results tab, which displays the results of the last simple search.

Figure 3-2 The Navigation Panel

Surrounding text describes Figure 3-2 .

3.4 Finding Artifacts with a Simple Search

The top of the navigation panel, shown in Figure 3-2, is used to specify simple queries. Advanced queries are also available; for details see Chapter 4, "Querying Security Artifacts."

To specify a simple search, proceed as follows:

  1. Select the search scope from the pull-down list at the top of the navigation panel.

  2. Select the object type to search from the pull-down list second from the top. The list of available object types varies according to the search scope selected.

    If you select Resource Instance (on an application), you must also select the Resource Type from the pull-down list next to the object type box.

  3. Enter a string to match in the text box, possibly using the wildcard characters % or * (the wild character matches any character in the pattern).

    The search returns all names and display names of the object type selected that match the specified string; leave this box empty to obtain the list of all objects of the specified type.

  4. Click the Go button to trigger the search and to display the results in the tab Search Results, which is automatically brought to the foreground when the search is completed. Positioning the cursor on the blue information button next to an item displays the item details. The Search Results tab shows at most the first 200 matches found by the search.

  5. Once an item is selected in the Search Results, it can be opened or edited by clicking Open or Edit at the top of the table.

Figure 3-3 illustrates the results of a simple search on roles for an application and the details of an application role returned by the simple search.

Figure 3-3 The Search Results Tab

Surrounding text describes Figure 3-3 .

3.5 Online Help

To access online help documentation, on the upper right corner of any window, click Help to bring up the help window, partially illustrated in Figure 3-4.

In this window, you can select the documentation to view by choosing an item from the pull-down Book box. Selecting Authorization Policy Manager Online Help displays several topics in the online documentation; selecting Administrator's Guide for Authorization Policy Manager displays the table of contents of this guide.

Also you can search for a string in a displayed page (Find in Page) or within either of the two books available (select book and use Search).

Figure 3-4 Online Help Window

Surrounding text describes Figure 3-4 .

3.6 Some Frequently Used Operations

The following scenarios describe frequent uses of Authorization Policy Manager: