Enterprise Security supports J2EE security by providing a bridging mechanism that integrates J2EE, the application server, and Enterprise Security, securing all applications and components hosted on your application server.
EP objects (applications, catalogs, portlets, pages, and so on) can be secured using J2EE roles. Secure EP applications can then access other J2EE services and features on the application server. Enterprise Security provides the underlying login authentication and role authorization services, which enable the application server to determine whether clients have the appropriate access permissions.
Configuring EAServer security
For instructions on configuring security profiles, EAServer roles, EAServer listeners, and EAServer identities, see Chapter
11, “Security Configuration Tasks,” in the EAServer
Security Administration and Programming Guide.
EP maintains a set of J2EE roles that are used to control access to EP objects, such as portlets. These roles must also be known by the application server, either through implicit role mapping or by explicitly mapping the roles.
To access the portal, new users log in to Portal Interface. From Portal Interface, users register with the portal and become a member of the Enterprise Security self-registration group (SelfRegGroup). If you want roles to be granted automatically to users who self-register, grant these roles to the self-registration group—see “Managing a group’s roles”. This assumes that you have created and deployed portlets that users can access. Enterprise Portal includes some sample pages and portlets that are protected by the PortalUser role. If you want users who self-register to have access to these objects, grant the PortalUser role to the self-registration group.
