53 Security Model
The WEM security model is based on objects, groups, and actions. Objects and groups are predefined in WebCenter Sites (objects in WebCenter Sites map to REST resources in the WEM Framework). Actions are privileges (READ, CREATE) that you create in WebCenter Sites. You must configure security per object type in the WebCenter Sites Admin interface:
-
An object is any entity such as a site, a user, or an asset. Protected objects are of the following types:
-
Asset Type
-
Site
-
User Locale
-
Application
-
Asset
-
Role
-
ACL
-
Index
-
User
-
Group
-
-
Security groups are used to manage multiple user's permissions to operate on objects.
-
Objects of a given type are accessible to a user only if the user belongs to at least one group with privileges to perform specified actions on objects of the given type.
-
An action is a security privilege:
LIST,HEAD,READ,UPDATE,CREATE,DELETE. Groups are assigned privileges to operate on the objects allowed to the groups. Some objects, such as ACLs, are list-only (they are created directly in WebCenter Sites, but not over REST).
A security configuration is an array that specifies:
-
The protected object type and objects
-
Groups that are able to access the objects
-
Actions that groups (and their members) can perform on the objects