Before you begin
This subtask is part of the main task for creating a security policy. Start with the main task: Create security policies
Note: If you loaded security policies for the Web application from deployment descriptors using the Deployment Assistant, you need to Activate Changes and start the application in order to access the policies.
A security policy for a Web Application resource applies either to the entire Web application and its contents or to individual to resources contained in the Web application, such as JSPs and JARs.
The way you access policies differs slightly depending on how your Web application is deployed. Start with step1 or step 2:
Deployments > MyEAR > Modules > MyWebAppModule
Deployments > MyWebAppModule
To apply a security policy to the entire Web application and its contents: select Security > Application Scope > Policies and go to step 8.
To apply a security policy to a resource within the application: select Security > URL Patterns > Policies to display the Policy Conditions page.
Caution: In WebLogic Server version 8.x the two
characters / * were used by the security container to indicate the
entire Web application contents. Starting with the current version,
BEA recommends that you use the / character, as it is the standard
J2EE syntax used by the Servlet container. If you want to continue
using /* you need to disable the
EnforceStrictURLPattern
field. For more
information, see Reset the
EnforceStrictURLPattern flag