94 Certification Study Guide: IBM Tivoli Access Manager for e-business 6.0
other hand, are configured into an Access Manager domain by specifying the
domain name during the configuration of the Java application.
4.1.2 Protected object space
Tivoli Access Manager represents resources within a domain using a virtual
representation called the
protected object space. The protected object space is
the logical and hierarchical portrayal of resources belonging to a domain.
The protected object space consists of two types of objects:
Resource objects Resource objects are the logical representation of actual
physical resources, such as files, services, Web
resources, message queues, and so on, in a domain.
Container objects Container objects are structural components that enable
you to group resource objects hierarchically into distinct
functional regions.
Security policy can be applied to both types of objects. Figure 4-1 shows a logical
representation of a protected object space with multiple container and resource
objects.
Figure 4-1 Access Manager protected object space
The structural top, or start, of the protected object space is the root container
object, which is represented by a forward slash (/) character. Below the root
container object are one or more container objects. Each container object
Root
(/)
Web ObjectsManagement Custom
HR Web
General
Web
Finance
Web
index.htmlcgi-bin ledger reports
1.html 2.html 3.html
1.exe 2.exe
Containter Objects
Resources Objects
Chapter 4. Configuration and customization 95
represents an object space consisting of a related set of resources. These
resources can be resource objects or other container objects.
Tivoli Access Manager creates an object space called /Management that
consists of the objects used to manage Tivoli Access Manager itself. Figure 4-2
shows the complete /Management object space that is created during the
installation of Tivoli Access Manager.
Figure 4-2 Access Manager default object space
Each resource manager that protects a related set of resources creates its own
object space. For instance, the WebSEAL resource manager, which protects
Web-based information and resources, creates an object space called
/WebSEAL.
Using both administrative tools, you can perform the following actions on the
object space:
Create object space
List object space
Delete object space
Web Portal Manager can be used to perform some additional actions:
Copying object space
Importing object spaces
Exporting object spaces
In addition to object space actions, similar actions can be performed on the
objects:
Create object
List object
Get Certification Study Guide: IBM Tivoli Access Manager for e-business 6.0 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
