Securing a catalog allows certain users to view and edit a catalog while preventing other users from doing so. Oracle ATG Web Commerce implements a security policy for catalogs based on the secured repositories feature (for more information, see the Secured Repositories chapter in the ATG Repository Guide).

In the catalog security policy, an access control list (ACL) is stored for each individual item (catalog, product, SKU, media) except for category; the ACL of a category is the same as the ACL of the catalog that contains it. The ACL contains lists of users or groups of users, and the permissions they have.

Note: If you are using Oracle ATG Web Commerce Business Intelligence for reporting with secured catalogs, in order for the ProductCatalog logs to be created during deployment, you must create a server_name/localconfig/atg/reporting/datacollection/commerce/ProductCatalogDeploymentListener.properties file with the following contents:

repositoryPathAliasMap=\
/atg/commerce/catalog/SecureProductCatalog=/atg/commerce/catalog/
ProductCatalog
sourceRepositoryPathToItemDecriptorNames+=\
/atg/commerce/catalog/SecureProductCatalog=category;product;sku;promotion

See the Preparing to Use Commerce Reporting chapter in this guide for information on data logging.