Skip Headers
Oracle® Fusion Middleware Security Guide for Oracle WebLogic Portal
10g Release 3 (10.3.2)

Part Number E14251-03
Go to Documentation Home
Go to Table of Contents
Go to Feedback page
Contact Us

Go to previous page
Go to next page
View PDF

Part I


Part I contains the following chapter:

During the planning stage, you determine how many and which authentication providers to use. You also determine how to set up your roles and how that relates to your user, group, and user profile strategy. You also start creating visitor entitlement roles and a hierarchy of delegated administration roles. Developing a security strategy can save you time during the other phases of the portal life cycle.You can access existing user stores using the authentication providers WebLogic Server provides, or by developing and configuring one of your own. WebLogic Server provides RDBMS authentication providers including the SQL Authenticator, Read-only SQL Authenticator, and Custom RDBMS Authenticator. WebLogic Server also provides authenticators for its embedded LDAP server and external LDAP servers including Open LDAP, Sun iPlanet, Microsoft Active Directory, and Novell NDS LDAP servers. The default authentication provider for WebLogic Portal is the SQL Authenticator, but you can use only a custom authentication provider, or a combination of WebLogic and custom providers.You can create roles based on existing groups and create additional roles depending on how you want to administer your portal applications and what you want visitors to your portal applications to be able to view and modify.The authentication and authorization strategies that you implement in a test or staging environment might be different from those on a production system.

For a detailed description of the architecture phase of the portal life cycle, see the Oracle Fusion Middleware Overview for Oracle WebLogic Portal.