Default Security Configuration

Access control of system resources is achieved by requiring users to authenticate at login and by restricting users to only those resources for which they are authorized.

A default security configuration is available for immediate use after Publisher is installed and is configured to use the Oracle Fusion Middleware security model. Publisher is installed into the Oracle WebLogic Server domain and uses its security realm. The default configuration includes three predefined security stores available for managing user identities, credentials, and Publisher-specific permission grants. Users can be added to predefined groups that are mapped to preconfigured application roles. Each application role is preconfigured to grant specific Publisher permissions.

The Publisher default security stores are configured as described in the table below during installation.

Store Name	Purpose	Default Provider	Options
Identity store	Used to control authentication. Stores the users and groups, and the users group for Oracle WebLogic Server embedded directory server.	Oracle WebLogic Server embedded directory server. Managed with Oracle WebLogic Server Administration Console.	Publisher can be configured to use alternative authentication providers.
Policy store	Used to control authorization. Stores the application role definitions and the mapping definitions between groups and application roles.	system.jazn-data.xml file. Default installation location is `MW_HOME/user_projects/domain/your_domain/config/fmwconfig` Managed with Oracle Enterprise Manager Fusion Middleware Control.	Publisher can be configured to use Oracle Internet Directory as the policy store provider.
Credential store	Stores the passwords and other security-related credentials either supplied or system-generated.	cwallet.sso file. Managed using Fusion Middleware Control.	Publisher can be configured to use Oracle Internet Directory as the credential store provider.