Administering security configurations requires an SUP administrator role. Domain administrators cannot modify the assigned security configuration; instead, they can map roles for the configuration at the domain and package level.
Security configuration administration follows this sequence:
- A platform administrator:
- Creates a security configuration.
- Creates and configures the providers used by the security configuration. You must configure at least one authentication provider, however, you can use multiple providers of different types.
- Assigns the security configuration to the domain. You must assign at least one security configuration.
- Assigns domain administration privileges to users.
- Once assigned a domain and a security configuration, the domain administrator can set the security configurations for the packages in the domain. If the packages use any logical roles, the domain administrator can also perform role mapping between the logical roles and physical roles of the package security provider.