Securing a Repository

You can secure standard repositories, as well as custom ones. If you modified your installation to use unsecured versions of the Merchandising Product Catalog and Price List repositories, you can re-implement the secured versions. The following instructions tell how to secure different types of repositories.

To secure all repositories excluding Merchandising Product Catalog and Price List:

  1. Create and configure a Secured Repository Adapter component. For a versioned repository, this is of class: atg.adapter.secure.GenericSecuredMutableVersionContentRepository`

    The corresponding ATG Content Administration component is called SecuredPublishingRepository; this is described in the ATG Content Administration Programming Guide.

    Note: Each repository requires a unique component instance.

  2. If you have not done so already, make a copy of the /atg/registry/ContentRepositories file in your localconfig directory. In this file, replace the entry for the unsecured repository property with the path and name for the Secured Repository Adapter that you created in step 1.

  3. Specify preliminary access controls to assets in a repository definition file.

    Create and configure a secured repository definition file, as described in the Secured Repositories chapter of the ATG Repository Guide.

  4. Update all views that display assets from the repository you are securing. See Modifying the Views for Secured or Unsecured Repositories.

  5. Include the secured repository in the VersionManagerService as a versionedRepository listing.

To secure the Merchandising Product Catalog repository:

  1. Change the componentPath property of the MerchandisingProductCatalog component to the secured repository.

    Note: MerchandisingProductCatalog is an alias for ProductCatalog. It is found at <ATG10dir>/DCS-UI/config/atg/
    commerce/catalog/MerchandisingProductCatalog.properties    .

    The ContentRepositories.initialRepositories property should always be set to MerchandisingProductCatalog, whose componentPath property is then mapped to the exact repository that is used.

  2. Specify preliminary access controls to assets in a repository definition file.

    Modify the existing definition files listed in the table shown in Configuring Secured and Unsecured Repositories.

  3. Include the secured repository in the VersionManagerService as a versionedRepository listing.

To secure the Price List repository:

  1. Replace the entry for the unsecured repository in the /atg/registry/ContentRepositories.initialRepositories property with the path and name for the secured version of the repository.

  2. Specify preliminary access controls to assets in a repository definition file.

    Modify the existing definition files listed in the table shown in Configuring Secured and Unsecured Repositories.

  3. Update all views that display assets from the repository that you are securing. See Modifying the Views for Secured or Unsecured Repositories.

  4. Include the secured repository in the VersionManagerService as a versionedRepository listing.

After you have set up and secured the repositories, you can change access rights for assets by following the instructions in the Configuring Access Rights for Assets section in the ATG Business Control Center Security chapter of the ATG Business Control Center Administration and Development Guide.