If you are using the Advanced security model to secure EJB and Web Applications, one of your options is to copy security configurations from deployment descriptors on an initial deployment and use the WebLogic Server Administration Console for subsequent modifications. For more information, see Using the Combined Technique Wiith The Advanced Security Model
To copy security information from deployment descriptors:
You are telling WebLogic Server that you want the WebLogic Security Service to control security on all Web application and EJB resources.
You are telling WebLogic Server to copy the security settings for Web application and EJB resources from the deployment descriptors into the configured Authorization and Role Mapping providers’ databases each time you deploy the resource.
After you finish
Caution: You must revert the On future Deploys setting to Ignore roles and policies from DD for subsequent deployments of the application. Otherwise, you might override security configurations you set in The Console. See Revert the On Future Redeploys setting