Authorization for Proxies Default Authorization Policies

Managing Authorization Policies

authorization policies, and creating, modifying, and deleting custom authorization policies.

The details of the default authorization policy for this feature are as follows:

■ Policy Name: Authorization Management Administration Policy
■ Assignee: System Administrators role
■ Functional security: The supported permissions are:
  – Create Authorization Policies
  – Delete Authorization Policies
  – Modify Authorization Policies
  – Search Authorization Policies
  These privileges do not support fine-grained attribute-level controls.
■ Data security: This authorization policy does not support any data security. Anybody with the privileges to manage authorization policies can manage any and all authorization policies.

15.3.5 User Management Configuration

The default authorization policy for the user management configuration feature allows users with the System Administrators and USER CONFIGURATION ADMINISTRATORS roles to access all user management configuration operations. This policy has the following details:

■ Policy name: User Management Configuration Administration Policy
■ Assignee: System Administrators and USER CONFIGURATION ADMINISTRATORS roles
■ Functional security: The permissions are:
  – Add Category
  – Add Derived Attributes
  – Create Attribute
  – Delete Attribute
  – Delete Category
  – Set Search Attributes
  – Update Attribute
  – Update Category
  These permissions do not support fine-grained attribute-level controls.
■ Data security: None
■ Description: This policy allows users with the SYSTEM ADMINISTRATORS or USER CONFIGURATION ADMINISTRATORS roles to access all user management configuration actions.

Note: The delete or disable action is controlled by feature-specific UI code, which calls the AuthorizationService API to find out whether the user is allowed to perform that action. If the user has the permission, then under the Action list in the left pane of the UI, the user can see the Delete or Disable options enabled.

See Also: Configuring User Attributes in the Oracle Fusion Middleware Administrator's Guide for Oracle Identity Manager for information about the user management configuration feature

Oracle Fusion Middleware User's Guide for Oracle Identity Manager

15.3.6 Reconciliation Management

The components of the authorization policies defined for the reconciliation management feature and the default authorization policy for this feature are described in the following sections:

■ Assignee
■ Functional Security
■ Data Security
■ Default Authorization Policy

15.3.6.1 Assignee

The assignee of the policy can be a role or a set of roles.

15.3.6.2 Functional Security

The reconciliation management feature defines multiple privileges from the authorization policy management area. These privileges do not support fine-grained attribute-level controls.

15.3.6.3 Data Security

This authorization policy does not support any data security. A user with the privileges to manage reconciliation events can manage all reconciliation events.

15.3.6.4 Default Authorization Policy

The following table lists the default authorization policies for the reconciliation management feature:

Note: When the user is authorized to view all attributes on the pages to create and modify users, if a UDF is created through User Management Configuration, then the UDF is displayed in the pages to create and modify users.

See Also: Managing Reconciliation Events in the Oracle Fusion Middleware Administrator's Guide for Oracle Identity Manager and Chapter 4, Deployment Configurations for information about the reconciliation feature