Contents for Securing WebLogic Resources
Introduction and Roadmap
Document Scope
Documentation Audience
Guide to this Document
Related Information
Tutorials and Samples
New and Changed Features In This Release
Resource Types
EJB and Web Application Resources
WorkContext
Admin Resources
JDBC Resources
Server Resources
Roles and Policies
Role and Policy Expressions
Role and Policy Management
New Default Group and Role
MBean Protections
Understanding WebLogic Resource Security
Overview of Securing WebLogic Resources
Resource Security Process
Securing WebLogic Resources: Main Steps
Types of WebLogic Resources
Overview of WebLogic Resource Types
Administrative Resources
Administrative Operations
Application Resources
COM Resources
Enterprise Information Systems (EIS) Resources
EJB Resources
Java DataBase Connectivity (JDBC) Resources
JDBC Operations
Java Messaging Service (JMS) Resources
JMS Operations
Select ALL Methods
Select Individual Methods
Java Naming and Directory Interface (JNDI) Resources
JNDI Operations
Server Resources
Server Operations
Layered Security Scheme for Server Resources
Default Security Policies for Server Resources
MBean Protections
How the WebLogic Security Service Enforces Layered Protections
Maintaining a Consistent Security Scheme
Permissions for Starting and Shutting Down Servers
Permissions for Using the weblogic.Server Command
Permissions for Using the Node Manager
Web Application Resources
Web Service Resources
Work Context Resources
Accessing Resources Using the Administration Console
Options for Securing EJB and Web Application Resources
Security Techniques and Security Models
JACC Security
Choose a Security Technique
Using the WebLogic Server Administration Console
Using Deployment Descriptors
Using the Administration Console and Deployment Descriptors
Choose a Security Model
Deployment Descriptors Only Model
Customize Roles Model
Customize Roles and Policies Model
Security Realm Configuration (Advanced Model)
Using the Advanced Security Model
Understanding How to Check Security Roles and Security Policies
Using the fullyDelegateAuthorization Flag
Understanding the On Future Redeploys Setting
How The Check Roles and Policies and On Future Redeploys Settings Interact
How to Modify Check Roles and Policies and On Future Redeploys Settings
Using the Combined Technique with the Advanced Security Model
Copying Security Configurations From a Deployment Descriptor
Reinitializing Security Configurations
Understanding the Combined Role Mapping Enabled Setting
Usage examples
Changing the default setting
Users, Groups, And Security Roles
Overview of Users and Groups
Default Groups
Adding Users To Administrators Group
Using the Administration Console to Manage Users and Groups
Overview of Security Roles
Dynamic Role Mapping
Dynamic Role Mapping and Security Policies
Types of Security Roles: Global Roles and Scoped Roles
Default Global Roles
Protected MBean Attributes and Operations
Components of a Security Role: Conditions, Expressions, and Statements
Role Conditions
Basic Role Conditions
Date and Time Role Conditions
Context Element Role Conditions
Role Expressions
Role Statement
Using the Administration Console to Manage Security Roles
Security Policies
Overview of Security Policies
Security Policy Granularity and Inheritance
Security Policy Storage and Prerequisites for Use
Default Security Policies
Protected Public Interfaces
Components of a Security Policy: Conditions, Expressions, and Statements
Policy Conditions
Basic Policy Conditions
Date and Time Policy Conditions
Context Element Policy Conditions
Policy Expressions
Policy Statement
Using the Administration Console to Manage Security Policies