What You Should Know About Item Level Security Oracle WebCenter allows

Managing Content Repositories 11-21

Section 11.2.3.3.5, How to Create Users using the Fusion Middleware Control Console and then grant roles to these users, as described in Section 11.2.3.3.6, How to Grant a Role to a User using the Fusion Middleware Control Console.

■ Migrating security: Migrate these security groups, folders, users, and roles to your production environment. For information, see Section 11.2.3.3.7, How to Migrate Security to a Production Environment, or directly go to Section 27.2.5, Post-deployment Security Configuration Tasks.

The procedures described in this section apply to the Documents service including wikis and blogs and Content Presenter.

11.2.3.3.1 How to Create a Security Group using the Oracle Content Server Console

To create a security group:

1. Log into the Oracle Content Server Console as an administrator.

2. From the Administration menu, choose Admin Applets.

3. On the Administration Applet page, click User Admin to display the User Admin dialog.

4. From the Security menu, choose Permissions by Group.

5. In the Permission By Group dialog, click Add Group.

6. In the Add New Group dialog, enter a group name, for example, WikiBlog.

7. Click OK.

This security group will be assigned to the Security folder that you will create in the next section.

11.2.3.3.2 How to Create a Folder using the Oracle Content Server Console

To create a folder:

1. Log into the Oracle Content Server Console as an administrator.

2. From the Browse Content menu, choose Contribution Folders to display the root directory in which you will create a folder.

3. On the Contribution Folders page, from the New Item menu, choose New Folder to display the Hierarchy Folder Configuration page.

4. In the Virtual Folder Name field, enter a meaningful name, for example, WikiBlog.

5. Under the Folder Information section, in the Title field, enter a meaningful title, for example, WikiBlog.

6. From the Security Group dropdown, select WikiBlog, which you created as described in Section 11.2.3.3.1, How to Create a Security Group using the Oracle Content Server Console. All items in this folder will inherit the security from this security group.

11-22 Oracle Fusion Middleware Administrators Guide for Oracle WebCenter

Figure 11–8 Folder and Security Group

7. Click Save.

11.2.3.3.3 How to Create Roles using the Oracle Content Server Console

To create roles:

1. Log into the Oracle Content Server Console as an administrator.

2. From the Administration menu, choose Admin Applets.

3. On the Administration Applet page, click User Admin to display the User Admin dialog.

4. From the Security menu, choose Permissions by Role.

5. In the Permission By Group dialog, click Add New Role.

6. In the Add New Role dialog, enter a name, for example, WikiBlog.

7. Click OK. This displays the Permission By Role dialog.

8. In the Groups/Rights column, select the security group that you created earlier, for example, WikiBlog, as described in Section 11.2.3.3.1, How to Create a Security Group using the Oracle Content Server Console.

9. Click Edit Permissions.

10. In the Edit Permissions dialog, select all checkboxes: Read, Write, Delete, and Admin, and click OK. The RWDA access is enabled, as shown in Figure 11–9.

Figure 11–9 RWDA Permissions

11. Create another role, for example WikiBlogRO, by performing steps 4 to 7.

12. Enable the Read permission for this role by following steps 8 to 10 and selecting the Read checkbox in the Edit Permissions dialog.

11.2.3.3.4 How to Create Roles Groups using the Fusion Middleware Control Console

In this section you will create two roles: a role with read access and another role with full read, write, delete, administer access.

To create roles groups:

1. Log into the Fusion Middleware Control Console as an administrator.

2. Under Domain Structure, click Security Realms.

3. In the table under the Summary of Security Realms section, click myrealm, for example.

IMPORTANT: myrealm uses the integrated LDAP that ships with Oracle WebCenter. For your enterprise implementation there may be a different LDAP, and therefore, you must use that instead of this integrated LDAP.

4. Select the Users and Groups tab and then the Groups subtab.

5. Under the Groups section, click New to display the Create a New Group section.

6. In the Name field, enter the name of the role to which you granted full access in Oracle Content Server, for example, WikiBlog, as described in Section 11.2.3.3.3, How to Create Roles using the Oracle Content Server Console, and click OK.

7. Create a role or group with the read permission, for example, WikiBlogRO, by performing steps 5 and 6. The name of this role must match the name that you specified in Oracle Content Server, as described in Section 11.2.3.3.3, How to Create Roles using the Oracle Content Server Console.
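
The name-matching requirement in step 7 is where this setup most easily goes wrong, so the following Python check is added here as an illustration; it is not code from the Oracle guide and calls no Oracle API. It models the chain the procedure builds (realm group, same-named Content Server role, security group, folder) on constructed data, and assumes names must match exactly; the user Ann, the group memberships, and the misspelled WikiBlogRo group are hypothetical.

```python
# Added example on constructed data; nothing here is exported from a real system.
# Content Server side: role -> {security group -> permission letters}
CS_ROLES = {
    "WikiBlog":   {"WikiBlog": "RWDA"},
    "WikiBlogRO": {"WikiBlog": "R"},
}
# Content Server side: folder -> security group its items inherit
CS_FOLDERS = {"WikiBlog": "WikiBlog"}
# Realm side (for example myrealm): group -> members (memberships are assumed)
REALM_GROUPS = {
    "WikiBlog":   ["Joe"],
    "WikiBlogRo": ["Ann"],  # constructed typo: "Ro" instead of "RO"
}

def audit_names(roles, groups):
    """Report roles and realm groups whose names do not line up exactly."""
    findings = []
    groups_by_lower = {g.lower(): g for g in groups}
    roles_lower = {r.lower() for r in roles}
    for role in sorted(roles):
        if role in groups:
            continue
        near = groups_by_lower.get(role.lower())
        # A case-only difference is reported separately: it is easy to miss by eye.
        findings.append(("near-miss", role, near) if near else ("no-group", role, None))
    for group in sorted(groups):
        if group not in roles and group.lower() not in roles_lower:
            findings.append(("no-role", None, group))
    return findings

def effective_permissions(user, folder, roles, folders, groups):
    """Permission letters a user gets on a folder's items through matching names."""
    sec_group = folders[folder]          # items inherit the folder's security group
    letters = set()
    for group, members in groups.items():
        if user in members and group in roles:   # exact-match assumption
            letters |= set(roles[group].get(sec_group, ""))
    return "".join(c for c in "RWDA" if c in letters)

if __name__ == "__main__":
    for finding in audit_names(CS_ROLES, REALM_GROUPS):
        print(finding)
    for user in ("Joe", "Ann"):
        perms = effective_permissions(user, "WikiBlog", CS_ROLES, CS_FOLDERS, REALM_GROUPS)
        print(user, perms or "(no access)")
```

Running the same audit after each migration between environments shows whether a renamed or mistyped group has silently removed, or failed to grant, the intended access.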

11.2.3.3.5 How to Create Users using the Fusion Middleware Control Console

In this section you will create two users: a user for the read role and another for the full access read, write, delete, administer role.

To create users:

1. Log into the Fusion Middleware Control Console as an administrator.

2. Under Domain Structure, click Security Realms.

3. In the table under the Summary of Security Realms section, click myrealm, the built-in realm that works with the integrated LDAP.

4. Select the Users and Groups tab and then the Users subtab.

5. Under the Users section, click New to display the Create a New User section.

6. In the Name field, specify a name, for example Joe.

7. In the Password field, specify a password.

8. In the Confirm Password field, enter the password again, and then click OK.

9. Create another user by performing steps 4 to 8.

11.2.3.3.6 How to Grant a Role to a User using the Fusion Middleware Control Console

In this section you will grant the roles you created in Section 11.2.3.3.4, How to Create Roles Groups using the Fusion Middleware Control Console, to the users you created in Section 11.2.3.3.5, How to Create Users using the Fusion Middleware Control Console.

To grant a role to a user: