Oracle Fusion Middleware Deployment Planning Guide for Oracle Directory Server Enterprise Edition

Using Roles Securely

Not every role is suitable for use within a security context. When creating a role, consider how easily it can be assigned to and removed from an entry. Sometimes, users should be able to add themselves to or remove themselves from a role. However, in some security contexts such open roles are inappropriate. For more information, see Directory Server Roles in Oracle Fusion Middleware Reference for Oracle Directory Server Enterprise Edition.