WebCenter Portal Security Layers

WebCenter Portal Security Layers

WebCenter Portal applications share the same four bottom security layers (WebCenter Security Framework, ADF Security, OPSS, and WebLogic Server Security). The application layer will, of course, depend on the implementation.

1. WebCenter Portal Application Security
WebCenter Portal provides support for:
• Application role management and privilege mapping
• Self-registration
• Portal-level security management
• External application credential management

2. WebCenter Portal Security Framework
The WebCenter Portal Security Framework provides support for:
• Service Security Extension Framework (a common permission-based and role-mapping based model for specifying the security model for services)
• Permission-based authorization
• Role-mapping based authorization
• External applications and credential mapping
3. ADF Security
ADF Security provides support for:
• Page authorization
• Task flow authorization
• Secure connection management
• Credential mapping APIs
• Logout invocation, including logout from SSO-enabled configurations with Oracle Access Manager and Oracle SSO
• Secured login URL for ADF Security-based applications (the adfAuthentication servlet)

5. Oracle Platform Security Services (OPSS)
OPSS provides support for:
• Anonymous-role
• Authenticated-role
• Identity store, policy store, and credential store
• Identity Management Services
• Oracle Web Service Manager Security
• Authorization
• Policy and Credential Lifecycle

6. WebLogic Server Security
WebLogic Server Security provides support for:
• WebLogic authenticators
• Identity asserters
• J2EE container security
• SSL