Security model made easy
First of all, let me mention that by saying Security Model I mean primarily its authorization component . It's the one that defines what users can do and what content they can access. There's also the authentication piece that determines who the user really is, and there's auditing, that keeps track of what people do. We've seen the use of the Content Server log files and the use of providers to connect the Content Server to LDAP for authentication in Chapter 2, Major Controls, so let's focus on authorization.
We will start by placing "red flags" around common confusion points.
Why does it seems confusing
Most of us are used to Windows and UNIX security systems, user groups, file and folder permissions, and so on. We're comfortable with these and are expecting Oracle UCM to work the same way. But it doesn't! What you need is a paradigm shift.
A paradigm shift
We've seen that Content Server is like a database, not like a directory structure. There is no hierarchy, so you...
