Skip navigation.

eDocs Home > BEA WebLogic Server 9.1 Documentation > Securing WebLogic Resources

Securing WebLogic Resources

   Previous Next vertical dots separating previous/next from contents/index/pdf Contents Index View as PDF   Get Adobe Reader

Introduction and Roadmap

Document Scope and Audience

Guide to This Document

Related Information

Tutorials and Samples

New and Changed Features

Understanding WebLogic Resource Security

Overview of Securing WebLogic Resources

Designing Roles and Policies for WebLogic Resources: Main Steps

Best Practices: Conditionalize Policies or Conditionalize Roles

Best Practices: Configure Entitlements Caching When Using WebLogic Providers

Types of WebLogic Resources

Administrative Resources

MBean Security Layer

Administrative Resource Layer

Maintaining a Consistent Security Scheme

Application Resources

COM Resources

Enterprise Information Systems (EIS) Resources

EJB Resources

Java DataBase Connectivity (JDBC) Resources

JDBC Operations

Java Messaging Service (JMS) Resources

JMS Operations

Select ALL Methods

Select Individual Methods

Java Naming and Directory Interface (JNDI) Resources

JNDI Operations

Server Resources

Permissions for the weblogic.Server Command and the Node Manager

Permissions for Using the weblogic.Server Command

Permissions for Using the Node Manager

Web Application Resources

Web Service Resources

Work Context Resources

Options for Securing Web Application and EJB Resources

Comparison of Security Models for Web Applications and EJBs

Discussion of Each Model

Deployment Descriptor Only Model

Custom Roles Model

Custom Roles and Policies Model

Advanced Model

Understanding the Advanced Security Model

Understanding the Check Roles and Policies Setting

Understanding the When Deploying Web Applications or EJBs Setting

How the Check Roles and Policies and When Deploying Web Applications or EJBs Settings Interact

Understanding the Combined Role Mapping Enabled Setting

Usage Examples

Securing Web Applications and EJBs

Security Policies

Security Policy Granularity and Inheritance

Security Policy Storage and Prerequisites for Use

Default Root Level Security Policies

Security Policy Conditions

Basic Policy Conditions

Date and Time Policy Conditions

Context Element Policy Conditions

Protected Public Interfaces

Using the Administration Console to Manage Security Policies

Users, Groups, And Security Roles

Overview of Users and Groups

Default Groups

Runtime Groups

Best Practices: Add a User To the Administrators Group

Overview of Security Roles

Types of Security Roles: Global Roles and Scoped Roles

Default Global Roles

Security Role Conditions

Basic Role Conditions

Date and Time Role Conditions

Context Element Role Conditions

Using the Administration Console to Manage Users, Groups, and Roles

 

Skip footer navigation  Back to Top Previous Next