The Approval Tasks Tab

15 Managing Authorization Policies

Oracle Identity Manager controls users' access to the application, allowing or preventing them from performing various operations in it. This is controlled by the authorization engine embedded in Oracle Identity Manager with the help of authorization policies. The purpose of authorization policies is to control users' access to the Oracle Identity Manager application, which includes data, UI, and API. The authorization policies determine at runtime whether or not a particular action is allowed. You can define authorization policies that satisfy the authorization requirements within Oracle Identity Manager.

In earlier releases of Oracle Identity Manager, each Oracle Identity Manager feature defined and managed its own authorization policy UI and backend implementation. In Oracle Identity Manager 11g Release 1 (11.1.1), authorization policy management is centralized as an administrative feature. Oracle Identity Manager's authorization policy management and enforcement engine is now based on an embedded version of Oracle Entitlements Server (OES), Oracle's industry-leading fine-grained entitlements administration product. These authorization policies secure access control to the Oracle Identity Manager application, thereby defining who can do what inside the application.

This centralized definition of authorization policies continues to provide context-sensitive authorizations for each feature as explained in the following sections:

■ Authorization Policy
■ Creating and Managing Authorization Policies
■ Authorization Policies for Oracle Identity Manager Features

15.1 Authorization Policy

You can define and manage authorization policies in the Authorization Policies section of the Oracle Identity Administration. This section is available to users who have the Manage Authorization Policies privilege.

The following are the structural components of an authorization policy:

■ Identifying details: Each authorization policy must have a name and description.
■ Oracle Identity Manager feature: Each authorization policy is defined for a specific feature in Oracle Identity Manager. Features are well-defined components in Oracle Identity Manager such as user management and role management. The

See Also: "Adding and Removing Roles" on page 11-41 and "Viewing and Administering Roles" on page 12-14 for information about assigning roles and privileges