Profile-Related Security Policies for Web Services

The atg.security.StandardSecurityPolicy class, which is provided as part of the Dynamo Application Framework layer, supplies the core logic for controlling access to objects secured using access control lists (ACLs). For more information on the StandardSecurityPolicy, see the Managing Access Control chapter of the Platform Programming Guide. The security policies used for profile-related Web services, which are described in this section, extend the StandardSecurityPolicy, appending the ACL returned by the StandardSecurityPolicy with additional access control entries (ACEs) that either grant or deny access to specific personae. (Personae can be users, roles or organizations.)

For more information on how security policies work with Web services, refer to Web Service Security in the Web Services Guide and Repository Web Service Security in the Repository Guide.

This section contains the following topics:

AppendACLPolicy

MethodParameterPolicy

ProfileOwnerPolicy

ProfileAsXMLOwnerPolicy

RelativeRoleByProfileOrgPolicy

Defining Security Functions and Policies

Copyright © 1997, 2014 Oracle and/or its affiliates. All rights reserved. Legal Notices