Object space management

Security Verify Access represents resources to be protected with a virtual representation of the object space that is called the protected object space.

An object space consists of resource objects and container objects. Resource objects are logical representations of resources to be protected. Use Container objects to group resource objects and other container objects hierarchically into logical groups or regions. Grouping similar objects makes it easier for you to administer a consistent security policy.

Security policy is applied by attaching access control list (ACL) policies, protected object policies (POPs), and authorization rules to the objects in the object space. These objects represent the physical resources you want to protect. The Security Verify Access authorization service evaluates user credentials and the conditions specified in the security policy. Then, Security Verify Access determines whether to permit or deny access to resources.

The following object spaces are created during the installation of Security Verify Access products:

The /Management object space during the installation of any Security Verify Access product, if it does not exist
The /WebSEAL object space during the installation of Security Verify Access

In the following sections, instructions are provided for using either Web Portal Manager or pdadmin, or both. For online help while usingWeb Portal Manager, click the question mark to open a separate help window for the current page.

Note: There are no equivalent pdadmin commands for importing, exporting, and copying object spaces.