bea.com | products | dev2dev | support | askBEA
 Download Docs   Site Map   Glossary 
Search
e-docs > WebLogic Server > Administration Console Online Help > Compatibility Security

Administration Console Online Help

 Previous Next Contents Index  

 

Weblogic Authorization Provider-->General

Tasks     Related Topics     Attributes

Overview

Use this tab to configure a WebLogic Authorization provider for a security realm.

Note: The Administration Console refers to the WebLogic Authorization provider as the Default Authorizer.

Authorization is the process whereby the interactions between users and resources are limited to ensure integrity, confidentiality, and availability. In other words, authorization is responsible for controlling access to resources based on user identity or other information. In the WebLogic Server Security architecture, an Authorization provider is used to provide authorization services.

By default, the WebLogic Authorization provider is configured in the default security realm (myrealm). You can use a Custom Authorization provider instead of the WebLogic Authorization provider. For a Custom Authorization provider to be available through the WebLogic Server Administration Console, the MBean JAR file for the provider must be in the WL_HOME\lib\mbeantypes directory.

Authorization providers have the choice of implementing the DeployableAuthorizationProvider Security Service Provider Interface (SSPI) or the AuthorizationProvider SSPI. Authorization providers that support deploying policies on behalf of a Web application or Enterprise JavaBean (EJB) need to implement the DeployableAuthorizationProvider SSPI and enable the Policy Deployment Enabled attribute on this tab. The Policy Deployment Enabled attribute is enabled by default for the WebLogic Authorization provider.

Tasks

Configuring a New Security Realm

Configuring the WebLogic Authorization Provider

Configuring a Custom Security Provider

Related Topics

Introduction to WebLogic Security

Managing WebLogic Security

Programmimg WebLogic Security

Developing Security Providers for WebLogic Server

Securing a WebLogic Server Deployment

Upgrading Security in WebLogic Server Version 6.x to WebLogic Server Version 7.0

Security FAQ

The Security page in the WebLogic Server documentation

Attributes

Table 1-9

Attribute Label

Description

Value Constraints

Name

The name of this configuration. WebLogic Server uses an MBean to implement and persist the configuration.

MBean: weblogic.security.
providers.authorization.
DefaultAuthorizerMBean

Attribute: Name


Description

A short description of the WebLogic Authorization provider.

MBean: weblogic.security.
providers.authorization.
DefaultAuthorizerMBean

Attribute: Description

Default: "Weblogic Authorization Provider"

Version

this security provider's version.

Each security provider's mbean should set the default value of this read-only attribute to a string that specifies the version of the provider (eg. 7.3.04). In other words, each security provider's mbean hard-wires its version. There are no conventions on the contents of the version string.

MBean: weblogic.security.
providers.authorization.
DefaultAuthorizerMBean

Attribute: Version

Default: "1.0"

Policy Deployment Enabled

Indicates whether this Authorization provider stores policies that are created while deploying a Web application or EJB.

MBean: weblogic.security.
providers.authorization.
DefaultAuthorizerMBean

Attribute: PolicyDeploymentEnabled

Default: new java.lang.Boolean(true)

Valid values:

  • true

  • false

 

Back to Top Previous Next