Resources, roles, and policies

Learn about Portal resources, roles, access rights, and initial access control settings.

• Resources

  Resources are organized in a hierarchy. Resources in the hierarchy propagate their access control configuration to all of their child resources.

  For example, if a user has the Editor role on the Market News Page, then by default that user also has the Editor role on all pages that are children of the Market News Page. Resource instances are specific resources, such as a single portlet or page. Each resource instance belongs to only one resource type.

  For example, the resource instance Market News Page would belong to the Content Nodes resource type.

• Roles

  A role combines a set of allowed actions with specific Resources.

  This set of allowed actions is called a role type.

  For example, the role type Editor contains allowed actions like view resources, modify resources, and create new resources. Roles are denoted as RoleType@Resource.

  For example, the Editor role type combined with the Market News Page resource results in the role Editor@Market News Page. By default, this role would also allow Editor-style access on descendant resources underneath the Market News Page through inheritance.

• Access rights

  View mappings of sensitive operations for a resource to the roles required to perform the operations. Sensitive operations include simple tasks like viewing a portlet on a specific page, and complex, high-risk tasks like running XML configuration interface scripts.

• Initial Access Control Settings

  The administrative user who installs WebSphere Portal has a default set of access rights.

Parent topic:

Controlling access

---