Saturday, November 26, 2011

Authorization Policy & how to configure one on Oracle Access Manager 11.1.1.5 (11g)

Authorization Policy & how to configure one on Oracle Access Manager 11.1.1.5 (11g)

Each resource assigned to an application domain can be protected by only one authorization policy.
In an automatically generated application domain, the following authorization policies are seeded as defaults:
  • Protected Resource
  • Public Resource

    Administrators can create an authorization policy to protect access to one or more resources based on attributes of an authenticated user or the environment. The authorization policy provides the sole authorization protection for resources included in the policy.
    Authorization policies are local, which means that each policy applies only to the resources specified for the policy. A policy cannot be derived or applied to any other resource.
    A single policy can be defined to protect one or more resources in the application domain. However, each resource can be protected by only one authorization policy.
     OSSO Agents use only the authentication policy and not the authorization
    policies
    .


    Authorization Policy Response
    Authorization Response defines the action that must be fulfilled after successful
    Authorization. 



    Authorization Constraints
    Authorization Constraint is a rule that grants or denies access to a particular resource
    based on the context of the request. Authorization Constraints are applicable specific to
    an Authorization Policy. Constraints have TYPE and CLASS. Constraint Type has the
    values Allow or Deny, which allow or deny access resource. Constraints Class consists
    of Identity, Temporal, and IP4 Range.


     

No comments:

Post a Comment

ForgeRock IAM : OpenDS (Open Directory Server). Importing LDIF files

The most efficient method of importing LDIF data is to take the OpenDJ server offline. Alternatively, you can schedule a task to import the ...