Oracle® Universal Content Management Web Parts User Guide Release 10gR3 E10884-01 |
|
Previous |
Next |
Home > Web Parts User Guide > Security Considerations > Settings for Content Server...
For fine grain control and better integration with Content Server security, administrators can modify configuration variable settings as follows:
This variable is in the WEB.CONFIG file contained in the WebApp folder (see "Applying Access Permissions for Groups" for the path information).
Locate the setting named:
Stellent.Scs.WebServiceSupport.UseExternalRolesAndAccounts
It is located in the XML file's <appSettings>
section.
The default value of this setting is true
. Change this value to false
.
The user's Windows groups will not be included with their identity when accessing Content Server services.
A likely use for this option is when users might belong to Active directory groups that would map to roles and accounts inappropriate for your environment.
When Content Server security is based on a provider that does not use domain information, such as when the LDAP provider is non-domain passed, and yet a match between the Windows domain user's domain-less user name is needed, the administrator is afforded the ability to remove the domain portion of the user name before WSS uses a Content Server service.
To change this setting:
Using the WSS Config Editor (see Appendix A, "Modifying Configuration Settings"), locate the setting named:
Stellent.Scs.WebServiceSupport.StripDomainFromUserName
The default setting is false
.
Change the setting to true
.
The change will only affect service calls between WSS and Content Server. The net effect is to allow Content Server to match names from non-domain security with Windows users.