Part I

Architecture

Part I contains the following chapters:

• Chapter 1, "Introduction"

• Chapter 2, "Planning a Security Strategy"

During the planning stage, you determine how many and which authentication providers to use. You also determine how to set up your roles and how that relates to your user, group, and user profile strategy. You also start creating visitor entitlement roles and a hierarchy of delegated administration roles. Developing a security strategy can save you time during the other phases of the portal life cycle.You can access existing user stores using the authentication providers WebLogic Server provides, or by developing and configuring one of your own. WebLogic Server provides RDBMS authentication providers including the SQL Authenticator, Read-only SQL Authenticator, and Custom RDBMS Authenticator. WebLogic Server also provides authenticators for its embedded LDAP server and external LDAP servers including Open LDAP, Sun iPlanet, Microsoft Active Directory, and Novell NDS LDAP servers. The default authentication provider for WebLogic Portal is the SQL Authenticator, but you can use only a custom authentication provider, or a combination of WebLogic and custom providers.You can create roles based on existing groups and create additional roles depending on how you want to administer your portal applications and what you want visitors to your portal applications to be able to view and modify.The authentication and authorization strategies that you implement in a test or staging environment might be different from those on a production system.

For a detailed description of the architecture phase of the portal life cycle, see the Oracle Fusion Middleware Overview for Oracle WebLogic Portal.