- Resource Persmissions
- User and Groups Permission
- Manage Users and Groups
- Portal Scripting interface
By default access control data is stored in websphere portal database but you can configure external security manager to store part of access control data and to manage role assignment.
All unauthenticated users are considered anonymous users. Anonymous user has specific access to a resource or service.
The Administrator@Portal and Security Administrator@Portal roles contain a special permission that is not available to any other role. This permission allows the Administrator or Security Administrator to make arbitrary changes to the access control configuration of all resources. The Administrator and Security Administrator can create and delete roles, role assignments, and role blocks. If the configuration allows an external security manager such as IBM Tivoli Access Manager for e-business to manage role assignments, additional privileges need to be set to allow arbitrary changes to the access control configuration. To change the access control configuration for resources that are externally managed, you must have the Administrator@External Access Control or the Security Administrator@External Access Control role.