Skip navigation.

eDocs Home > BEA WebLogic Server 9.1 Documentation > Administration Console Online Help > Configure new security realms

Administration Console Online Help

PreviousNextvertical dots separating previous/next from contents/index/pdfContents

Configure new security realms


To configure a new security realm:

  1. If you have not already done so, in the Change Center of the Administration Console, click Lock & Edit (see Use the Change Center).
  2. In the left pane, select Security Realms.

    All the security realms available for the WebLogic domain are listed in the Realms table.

  3. Click New.
  4. On the Create a New Realm page, enter the name of the new security realm.
  5. You have the option of loading credential maps from weblogic-ra.xml deployment descriptor files into the embedded LDAP server and then using the WebLogic Server Administration Console to create new credential maps or modify existing credential maps.

    Once information from a weblogic-ra.xml deployment descriptor file is loaded into the embedded LDAP server, the original resource adapter remains unchanged. Therefore, if you redeploy the original resource adapter (which will happen if you redeploy it through the WebLogic Server Administration Console, modify it on disk, or restart WebLogic Server), the data will once again be imported from the weblogic-ra.xml deployment descriptor file and credential mapping information may be lost.

    To avoid overwriting new credential mapping information with old information in a weblogic-ra.xml deployment descriptor file, select the Ignore Deploy Credential Mapping box.

    Note: To use load credential maps into the embedded LDAP server, the Credential Mapping provider in the security realm must have the Credential Mapping Deployment Enabled attribute checked. For more information, see Configure Credential Mapping Providers.

  6. Click OK.
  7. In the Administration Console's Change Center, click Activate Changes.
  8. Configure the required security providers for the security realm. In order for a security realm to be valid, you must configure an Authentication provider, an Authorization provider, an Adjudication provider, a Credential Mapping provider, and a Role Mapping provider. Otherwise, you will not be able to set the new security realm as the default security realm. For more information, see Manage security providers.
  9. Optionally, define an Identity Assertion and Auditing provider.
  10. Define groups and users for the security realm. For more information, see Manage users and groups.
  11. Grant users and groups in the security realm roles. For more information, see Manage security roles.
  12. Protect WebLogic resources in the security realm with security policies. For more information, see Securing WebLogic Resources.
  13. Reboot WebLogic Server. If you do not reboot WebLogic Server, you cannot set the realm to the default security realm.
  14. Set the new realm as the default security realm for the WebLogic domain. For more information, see Change the default security realm.

 

Skip navigation bar   Back to Top