Managing Security With the Admin Console
The Admin Console provides the means to manage the following aspects of security:
Server Security Settings
On the Security Settings page, set properties for the entire server, including specifying the default realm, the anonymous role, and the default principal user name and password. For more information, see To configure security settings.
Realms and file Realm Users
The concept of realms was introduced in Understanding Users, Groups, Roles, and Realms.
-
Create a new realm
-
Delete an existing realm
-
Modify the configuration of an existing realm
-
Add, modify, and delete users in the file realm
-
Set the default realm
See Admin Console Tasks for Realms for details on these tasks.
JACC Providers
JACC providers were introduced in Specifying JACC Providers. Use the Admin Console to perform the following tasks:
-
Add a new JACC provider
-
Delete or modify an existing JACC provider
See Admin Console Tasks for JACC Providers for details on these tasks.
Audit Modules
Audit modules were introduced in Auditing Authentication and Authorization Decisions. Auditing is the method by which significant events, such as errors or security breaches, are recorded for subsequent examination. All authentication events are logged to the Application Server logs. A complete access log provides a sequential trail of Application Server access events.
Use the Admin Console to perform the following tasks:
-
Add a new audit module
-
Delete or modify an existing audit module
See Admin Console Tasks for Audit Modules for details on these tasks.
Message Security
The concept of message security was introduced in Configuring Message Security. Use the Admin Console to perform the following tasks:
-
Enable message security
-
Configure a message security provider
-
Delete or configure an existing message security configuration or provider
See Chapter 10, Configuring Message Security for details on these tasks.
HTTP and IIOP Listener Security
Each virtual server in the HTTP service provides network connections through one or more HTTP listeners. For general information about the HTTP service and HTTP listeners, see What Is the HTTP Service?.
The Application Server supports CORBA (Common Object Request Broker Architecture) objects, which use the Internet Inter-Orb Protocol (IIOP) to communicate across the network. An IIOP listener accepts incoming connections from remote clients of EJB components and from other CORBA-based clients. For general information on IIOP listeners, see IIOP Listeners.
With the Admin Console, perform the following tasks:
-
Create a new HTTP or IIOP listener, and specify the security it uses.
-
Modify the security settings for an existing HTTP or IIOP listener.
See Admin Console Tasks for Listeners and JMX Connectors for details on these tasks.
Admin Service Security
The Admin Service determines whether the server instance is a regular instance, a domain administration server (DAS), or a combination. Use the Admin Service to configure a JSR-160 compliant remote JMX connector, which handles communication between the domain administration server and the node agents, which manage server instances on a host machine, for remote server instances.
With the Admin Console, perform the following tasks:
-
Manage the Admin Service
-
Edit the JMX connector
-
Modify the security settings of the JMX connector
See To configure security for the Admin Service’s JMX connector for details on these tasks.
Security Maps
The concept of security maps for connector connection pools is introduced in About Security Maps. Use the Admin Console to perform the following tasks:
-
Add a security map to an existing connector connection pool
-
Delete or configure an existing security map
See Admin Console Tasks for Connector Connection Pools for details on these tasks.
- © 2010, Oracle Corporation and/or its affiliates