Table Of Contents
Overview of the PAP Console
Overview of the PAP Console
The Policy Administration Point (PAP) component is used by the administrators of an enterprise to define fine-grained authorization policies for the enterprise users who need to access various software components to carry out their day-to-day tasks.
The PAP provides central administration, management, and monitoring of entitlement policies through the PAP administration console user interface.
The key capabilities of the PAP are:
•Create and configure users, user groups, roles, and resources.
•Import and synchronize users and user groups in the external data repositories like LDAP-based directory services.
•Create and configure the Policy Decision Point.
•Checks the entitlements for the User/Role/Group/Resource by associating the PDP to an application.
•Refreshes the PDP cache.
•Define policies to provide fine-grained access permissions to resources for users, user groups, and roles using complex rules and contexts.
•Create and configure rules that are based on internal attributes as well as on external attributes that exist in external data sources like external databases, LDAP directories, Java classes, and web services.
•Check entitlement policies for entities, view admin and runtime logs.
•Create PAP users and delegate full or partial authorization to use the PAP.