Security Model for WebCenter Portal Pages

In PS3, the WebCenter Portal Framework allows you to create page hierarchies.  As you may know, it is typical to manage Portal pages in a hierarchical way.  The hierarchical structure allows ease of management and security provisioning.   In this blog post, I want to give a quick overview of the new model for securing page hierarchies.  Here is the algorithm:

  • root page has a default entitlement (policy)
  • subordinate pages may inherit entitlement from parent page
  • subordinate pages may override default by specifying a new entitlement
  • to be able to a view a page, one should have “view” access on all parent pages in the hierarchy

Let’s look at an example.  All the subordinate pages – i.e. “hardware”, “software”, “warranty” pages inherit entitlements from “products” page.   Here, we have placed an entitlement on products page.  The entitlement grants access rights to the marketing-role.

Subordinate pages (like “hardware”) inherit entitlements from “products” page. i.e. marketing-role has all access rights that it was granted at the “products” page level.

Now, lets see the effect of these entitlements at runtime.  Login as mark (marketing-role).  He should be able to create a subordinate page under “products” and also perform operations like “edit” for all pages under “products”.

If we login as another user (say “sam” who is not in marketing-role), he will not be able to create a subordinate page (see “create page” option is disabled) and perform operations like “edit” etc. for any page under “products”

For more detailed information, refer to “Securing your WebCenter Portal Application” section in WebCenter Developer Guide here.

2 Responses

  1. Is the same feature available in Spaces?
    The only way I can see to do this is from the – administration > Resources > navigation
    and manually adding links to the pages in the hierarchy order that I want.

    I couldn’t see any way to select a parent page when creating a new page – which user would find more intuitive.

    Thanks

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: