Administration Console Online Help

Default Authorization Provider--> General

Tasks     Additional Documentation     Attributes

Overview

Use this tab to configure an Authorization provider for a security realm. Authorization is the process whereby the interactions between users and resources are limited to ensure integrity, confidentiality, and availability. In other words, authorization is responsible for controlling access to resources based on user identity or other information. In the WebLogic Server Security architecture, an Authorization provider is used to provide authorization services.

By default, the WebLogic Authorization provider is configured. You can use a Custom Authorization provider instead of the WebLogic Authorization provider. For a Custom Authorization provider to be available through the WebLogic Server Administration Console, the MBean JAR file for the provider must be in the WL_HOME\lib\mbeantypes directory.

Authorization providers have the choice of implementing the DeployableAuthorizationProvider Security Service Provider Interface (SSPI) or the AuthorizationProvider SSPI. Authorization providers that support deploying policies on behalf of a Web application or Enterprise JavaBean (EJB) need to implement the DeployableAuthorizationProvider SSPI and enable the Policy Deployment Enabled attribute on this tab. The Policy Deployment Enabled attribute is enabled by default for the WebLogic Authorization provider.

Tasks

Configuring an Authorization Provider

Additional Documentation

(Requires an Internet connection.)

Introduction to WebLogic Security

Managing WebLogic Security

Programmimg WebLogic Security

Developing Security Providers for WebLogic Server

Securing a WebLogic Server Deployment

Upgrading Security in WebLogic Server Version 6.x to WebLogic Server Version 7.0

Security FAQ

The Security page in the WebLogic Server documentation

Attributes