Following virtual resources are of my interest recently while working on security setup (These are so useful for the initial security setup with combination of role blocks).
|
Virtual Resource
|
Description
|
|
Content
Nodes
|
The
root node of all pages, labels, and external URLs. Pages contain the content
that determines the portal navigation hierarchy. If a new top-level page is
created, it is automatically a child resource of the Pages virtual resource.
If a new page is created beneath an existing page, the new page is
automatically child of the existing page. Pages inherit access control
configuration from their parent page unless role blocks are used.
|
|
Portal
|
This
is the root node of all resources in the release domain. Roles on this
resource affect all other resources in the release domain by default through
inheritance unless role blocks are used. Resources in other domains like
Templates and Policies are not affected through role mappings on this
resource.
|
|
Content Mappings
|
Use page-based access
control to delegate access control of content items to the web content page
used to display the content.
|
|
Portal
Settings
|
Protects
portal settings that can be modified through the Portal Settings Portlet or
the XML configuration interface. This virtual resource has no child resources.
|
|
Portlet
Applications
|
The
root node of all installed portlet applications. Portlet applications are the
parent containers for portlets. If a new Web module is installed, the portlet
applications that are contained within that Web module are automatically
child resources of the Portlet Applications virtual resource. Portlets that
are contained within a portlet application appear as child nodes of that
portlet application. Thus a two-layer hierarchy consisting of portlet
applications and the corresponding portlets exists beneath the Portlet
Applications virtual resource. Portlets inherit access control configuration
from their parent portlet applications unless role blocks are used.
|
|
PSE
Sources
|
The
root node of all search collections. If a new search collection is created,
it is automatically a child of this virtual resource. Roles on this resource
affect all defined search collections unless role blocks are used.
|
|
URL
Mapping Contexts
|
The
root node of all URL mapping contexts. URL mapping contexts are user-defined
definitions of URL spaces that map to portal content. If a new top-level URL
mapping context is created, it is automatically a child resource of the URL
Mapping Contexts virtual resource. If a new URL mapping context is created
beneath an existing context, the new context is automatically a child of the
existing context. URL mapping contexts inherit access control configuration
from their parent context unless role blocks are used.
|
|
User
Groups
|
The
root node of all user groups. Each user group in the portal inherits its
access control configuration from the User Groups virtual resource. It is not
possible to create role blocks on individual user groups.
|
|
User
Self Enrollment
|
Protects
the Selfcare and User Enrollment facilities (sign up and Edit My Profile).
This virtual resource has no child resources.
|
|
Users
|
This
virtual resource has no child resources. The Users virtual resource protects
sensitive operations that deal with user management. For example, in order to
add a user to a user group, you must have the Security
Administrator@Users role. Users are
implicitly protected resources. Users cannot be protected individually, but
only through their group membership. As a result, it is not possible to have
a role assignment on a specific user. Roles must be on user groups instead.
So, you can edit Mary's user profile if you have a role assignment on some
user group to which Mary belongs.
|
|
VP
URL Mappings
|
Protects
the ability to modify a URL Mapping linked to a virtual portal.
|
|
Web
Modules
|
The
root node of all Web modules. Web modules are portlet WAR files that are
installed on WebSphere Application Server. Web modules can contain multiple
portlet applications. If a new Web module is installed, it is automatically a
child of the Web Modules virtual resource. Roles on this resource affect all
child resources (all installed Web modules) unless role blocks are used.
|
|
XML
configuration interface
|
Protects
the ability to execute XML configuration interface scripts. This virtual
resource has no child resources.
|
|
STEP
UP AUTHENTICATION
|
Protects
the ability to modify the binding of resources such as Portlets or Pages to
an authentication level.
|
|
THEME
MANAGEMENT
|
Lets
users update and modify the portal theme.
|
Note: Role inheritance never crosses domain(release,JCR,community,customization) boundaries, thus limiting the inheritance scope. Therefore, a role assignment for a user on the Content Nodes virtual resource in the release domain will only grant access to Content Nodes resources (pages) in the release domain.
Resources can appear in different domains depending on the type of resource.
- Protected Resources of the release domain can be managed through the access control administration portlets and through the XML Configuration interface
- Policy resources are stored in the JCR domain and can also be managed through the access control administration portlets and through the XML Configuration interface
- Resources in the community domain can only be managed through collaboration application specific administrative portlets. Resources in this domain are not shown in the access control administration portlets
- The customization domain only holds private resources of users. No role assignments are possible in this domain, so resources in this domain are also not shown in the access control administration portlets
Find more information on portal virtual resources at below wiki article
http://www-10.lotus.com/ldd/portalwiki.nsf/dx/Resources_wp7
No comments:
Post a Comment