Authorization


Authorization is sometimes referred to as access control. Authorization determines what interactions a user is permitted to have with a resource. Administrators configure access to portal resources by assigning roles to users and groups.

WebSphere Portal supports fine-grained access control over resources. Users can select and view only those resources for which they have appropriate access rights. When rendering a resource, WebSphere Portal verifies that the user has appropriate rights to use the requested resource. Access rights are administered through the User Group Permissions and Resource Permissions portlets and are stored in the WebSphere Portal database by default. Alternatively, you can configure an external security manager, such as Tivoli Access Manager, to protect resources.

Users must successfully authenticate before they are authorized to access a resource. Other than the requirement for a successful authentication, authorization is independent of WebSphere Application Server or any custom authentication proxy. WebSphere Application Server protects servlets and enterprise beans, but WebSphere Portal protects its own internal resources, such as pages and portlets.
