In this chapter, we will consider how to manage authorities for the portal.

An authority in the security model can be an object instance related to a single user or a group. An authority can have different types of permissions in the portal context aimed at providing security for accessing specific contents.

We will see how to apply permissions on portal contents for any authority type.

We will also look at how to configure the portal for integrating users from an external store, and how to then configure GateIn to integrate it with a Single Sign On (SSO) system.

Single Sign On (SSO) is a feature of some software systems that allows managing user authentication (and sessions) in a centralized fashion. An SSO system could be based on different authentication mechanisms that will be used to conform all the external systems to a unique supported authentication binding. In this way, users will be able to authenticate on the central system avoiding re-authenticating whenever they need to use any of the systems involved in the same federated infrastructure. The goal of this mechanism is to reduce the number of times that users enter their passwords, in order to avoid phishing and increase security.