Controlling access

After creating users and groups, you can assign them different levels of access to specific resources, roles, and policies. This access controls what actions they can perform on various pages, portlets, and applications.

Review the following information and perform the following tasks to control access within IBM® WebSphere® Portal:

Note: If a page or label is not accessible for a user, the user is taken to any page or label higher up in the navigation that is accessible to them. For more information about setting page permissions, see Manage pages portlets.

Managing Access Control
Get familiar with concepts related to administering IBM WebSphere Portal access control. To administer access control, use the Resource Permissions portlet, the User and Group Permissions portlet, the Manage Users and Groups portlet, the XML configuration interface, or the Portal Scripting Interface.
Resources, roles, access rights, and initial access control settings
In order to fine-tune the security measures of your IBM WebSphere Portal environment, the administrator creates resources, roles, and access rights, which allows the administrator to control who has access to various information based on their roles and the access rights to that information.
Access control scenarios
These scenarios provide helpful illustrations on how access control can be set up.
Web Content Manager access control
You can restrict access to selected users and groups to the views within a Web Content Manager authoring portlet, the items that are managed by the authoring portlet, and to elements and pages that are displayed within a website.
Setting user and group permissions
The User and Group Permissions portlet lets you view and modify the roles that users and groups have on resources.
Setting resource permissions
Assign and control access for different types of resources.
Delegated Access Control Administration
IBM WebSphere Portal supports delegated access control administration.
Access Control Caching
Access Control internally uses several caches to improve the access control decision times. You can improve access control performance for special scenarios by setting the lifetime and size properties of these caches in the Cache Manager Service. In most cases, WebSphere Portal will run smoothly with the default cache settings. However, if you have a large number of resources or a large number of customized resources, you may want to adjust cache settings and conduct some tests to find the best performance trade-offs.

Parent topic: Securing