A script-enabled browser is required for this page to function properly.

How does security work?

Skip Navigation Links| Related Help Topics | Additional Information |

Back to top

OracleAS Portal enforces the privilege levels you set to ensure protection of your data. To determine any user or group's access to an object, OracleAS Portal uses the answers to the following questions:

Let's look at each of these questions individually.

Is the object public or restricted to certain users?

All objects in OracleAS Portal are either public or controlled by an access list. The access list states which users and groups can interact with the object and to what extent. If the object is public, anyone can see it, even users who do not log on.

Have you or your groups been granted a privilege on the object?

If an object is not public, it is controlled by an access list. The creator of the object, or someone with the item privilege Manage on the object, uses this list to explicitly grant privileges to users or groups. For example, one group might be able to see the object, but not change it, while another might be able to do anything to the object. All members of a group have the same level of access to an object. That is, one cannot grant access to everyone in a group EXCEPT one or two members.

To see what privilege you have been granted on an object, check the object's Access tab. If you cannot edit the object, you cannot see the Access tab. Contact the object's owner or the portal administrator to change your level of privilege on an object.

Have you or your groups been granted a global privilege on the object type?

A global privilege applies to all objects of a given type. For example, if you have the global privilege Manage on the object type All Styles, you can create, delete, or change any style within OracleAS Portal. Global privileges, which can be applied to both groups and users, are a means of implicitly granting access to an object. Contrast this to the object's access list, through which privileges are explicitly granted.

Do you belong to one of the special groups created by OracleAS Portal?

When your user account is created, the portal administrator decides if you are allowed to log on. If you are, you are an authorized user. If you are not, you are a public user. Authorized users are added to the Authenticated Users group, one of the four default groups. This group has the global privilege Create for the object types All Pages and All Styles. This means that any authorized user can create these objects.

The portal administrator may also assign you to one or more special groups: Portal Administrators, Portlet Publishers, or Portal Developers. Each of these groups has their own set of global privileges.

Notes

Back to topRelated Help Topics

Concepts:

Back to topAdditional Information

Portal Center:

For more information, go to the Oracle Portal Documentation page on the Oracle Technology Network.