User account security is managed through the atg.security
API. Using this API, you can manage persistent user accounts, look up user identities and associate them with roles, manage access control lists, and tie together multiple security systems running against the same user account database and/or authentication mechanisms.
The Security Services Interface is a set of fast, flexible APIs that you can use in an application to provide security for the application’s features. The Security Management Interface enables programmers to configure account and privilege information with minimal programming.
Note: If you are using Oracle Access Management (OAM) to provide Business Control Center users Single Sign On functionality, all authentication for these users is performed by OAM. Refer to the Using Oracle Access Manager for Single Sign On section of the Platform Installation and Configuration Guide for further information.
In this chapter
This chapter covers the following topics:
Security Services Classes and Interfaces: Outlines the main interfaces, objects and classes of the Security Services.
Extending the Security Model: Provides examples of extending the default security model and authenticating a user.
Configuring Access Privileges: Describes how to configure and restore the Oracle Commerce Platform’s default login accounts, and how to create accounts, groups, and privileges using the ATG Control Center.
Configuring LDAP Repository Security: Describes how to configure an Oracle Commerce Platform application to use an LDAP repository to authenticate users and groups.