In electronic commerce web-based applications (e-commerce web sites), a user is often granted privileges for certain web pages accessible by the user. Such privileges may govern the information that a user may access or modify on an e-commerce web site.
In computer network contexts, there are different approaches for dividing computer systems or programs into subsets for which different users may be granted different access privileges. For example, such systems are disclosed in U.S. Pat. No. 5,604,490 (Blakley, et al., Feb. 18, 1997) and U.S. Pat. No. 6,119,230 (Carter, Sep. 12, 2000), both of which are incorporated herein by reference. In e-commerce sites that run on a single application, however, typically only one security domain is supported. When a user registers on one of these sites, the user's identity is added to a common registry for the site and the user is accorded a single set of privileges throughout the site.
For such a single security domain site hosting more than one on-line store, each user will be accorded the same privileges in each of the hosted on-line stores. It is frequently desirable to have different, unrelated on-line stores hosted on the same site. For such a system it is advantageous to allow for different privileges for the users at the different stores. In addition, in such a single security domain arrangement, a single administrator of the site will typically manage all the users registered to the site. It is advantageous, however, for a system to potentially restrict certain administrators to the management of users for a particular subset of the security domain, as opposed to the entire security domain.
It is therefore desirable to provide an e-commerce system that permits a single site to be divided into different security domains and in which users may be accorded privileges in a manner that corresponds to the relationships of the stores supported by the e-commerce site.