The PSO administers security from a Web-based graphical interface called Enterprise Security Manager. Enterprise Security Manager is installed with the Enterprise Security services and is supported in a standalone EAServer or WebLogic environment, as well as with Enterprise Portal.
When Enterprise Security is installed with Enterprise Portal, the title on the main window is “Portal Studio.”
Launching Enterprise Security
Manager
Enter this URL in your browser; host and domain identify where the application server is running, and port is the application server’s HTTPS port number; the default for EAServer is 8081:
https://host.domain:port/onepage/index.html
In the Login window, enter your user name and password, and click Login.
If you accepted the defaults during installation, the user name is “pso” and the password is “123qwe”.
Figure 3-1: Enterprise Security Manager
Once you are logged in, you see a multi-pane window that consists of:
Status bar – the lower-left corner of the window displays the user name of the person logged in, and the name of the Enterprise Portal co-brand with which this user is associated; in Figure 3-1, the user name is “pso” and the co-brand is “Portal.” For information about co-brands, see Chapter 11, “Creating Multiple Portals,” in the Enterprise Portal Developer’s Guide.
Toolbar – in the upper-right corner of the window is the static toolbar, from which you can view your account information, access online help, and log out.
Once you select from the menu in the left pane, an application-specific toolbar displays above the right pane; in Figure 3-1, Administer | Organizations is selected, and the application-specific toolbar consists of New and Edit buttons.
The main window is divided into three panes. The selection you make in the left pane determines what displays in the center pane, and your selection in the center pane determines what displays in the right pane.
The Enterprise Security menu options in the left pane allows you to select from:
Administer Organizations – create, edit, and manage users, groups, assets, permissions, and roles.
Configure Domains – configure security domains.
For information about the Build, Automate, and Manage menu options, see the Enterprise Portal Developer’s Guide.
Using Enterprise Security Manager, you can:
Create security objects
View a security object’s properties
Update a security object’s properties
Delete security objects
At the highest level is the root organization container, which is created when you install and configure Enterprise Security services. You can also create suborganizations under the root organization. In each organization and suborganization you can create these security objects:
Users – Enterprise Security users. For each user, you can define a user profile, and proxy authentication information.
Groups – groups of users. If you grant a role to a group, each user in the group has that role.
Roles – a set of permissions to access assets. The permissions assigned to a role define what a user with that role can do in the secured system. You can grant multiple roles to users and groups.
Each role can have multiple permissions assigned to it, which permit access to assets. Examples of permissions are READ, WRITE, DELETE, UPDATE, LIST, and GRANT.
Assets – can include any object to which you want to restrict access. An asset can be a URL, an application, a database, a table in a database, or a column in a table. Every asset can have a custodian who is responsible for that asset. Figure 3-1 displays the assets that are created automatically when you install Enterprise Portal.
