Skip navigation.

Securing a Production Environment

  Previous Next vertical dots separating previous/next from contents/index/pdf Contents View as PDF   Get Adobe Reader

Introduction and Roadmap

The following sections describe the contents and organization of this guide—Securing a Production Environment.


Document Scope and Audience

This guide describes how to secure a WebLogic Server® production environment.

It is intended for the following audiences:


Guide to This Document

This document is organized as follows:


Related Information

The following BEA WebLogic Server documents contain information that is relevant to the WebLogic Security Service:


Security Samples and Tutorials

BEA Systems provides code samples for Java Authentication and Authorization Service and for Outbound and Two-way SSL for Security developers. The examples and tutorials illustrate WebLogic Server Security in action, and provide practical instructions on how to perform key Security development tasks.

BEA recommends that you run some or all of the Security examples before developing your own Security configurations.

Avitek Medical Records Application (MedRec) and Tutorials

MedRec is an end-to-end sample J2EE application shipped with WebLogic Server that simulates an independent, centralized medical record management system. The MedRec application provides a framework for patients, doctors, and administrators to manage patient data using a variety of different clients.

MedRec demonstrates WebLogic Server and J2EE features, and highlights BEA-recommended best practices. MedRec is included in the WebLogic Server distribution, and can be accessed from the Start menu on Windows machines. For Linux and other platforms, you can start MedRec from the WL_HOME\samples\domains\medrec directory, where WL_HOME is the top-level installation directory for WebLogic Platform.

MedRec includes a service tier consisting primarily of Enterprise Java Beans (EJBs) that work together to process requests from Web applications, Web services, workflow applications, and future client applications. The application includes message-driven, stateless session, stateful session, and entity EJBs.

Security Examples in the WebLogic Server Distribution

WebLogic Server 9.1 optionally installs API code examples in WL_HOME\samples\server\examples\src\examples, where WL_HOME is the top-level directory of your WebLogic Server installation. You can start the examples server, and obtain information about the samples and how to run them from the WebLogic Server 9.1 Start menu.

Additional Security Examples Available for Download

Additional API examples for download at These examples are distributed as ZIP files that you can unzip into an existing WebLogic Server samples directory structure.

You build and run the downloadable examples in the same manner as you would an installed WebLogic Server example. See the download pages of individual examples for more information at


Skip navigation bar  Back to Top Previous Next