8 Using Roles and Policies to Secure JDBC Data Sources

This chapter provides information on how WebLogic Server uses roles and policies to secure JDBC data sources.

• Setting Security Policies for JDBC Resources

• Security Roles for JDBC MBeans

Setting Security Policies for JDBC Resources

You can optionally restrict access to JDBC data sources. In WebLogic Server, security policies answer the question "who has access" to a WebLogic resource. A security policy is created when you define an association between a WebLogic resource and a user, group, or role. A WebLogic resource has no protection until you assign it a security policy. For instructions on how to set up security for all WebLogic Server resources, see "Use roles and policies to secure resources" in Oracle WebLogic Server Administration Console Help. For more information about securing server resources, see Securing Resources Using Roles and Policies for Oracle WebLogic Server.

You can protect JDBC resource operations by assigning Administrator methods which can limit the actions that an administrator may take upon a JDBC data source. See "Java DataBase Connectivity (JDBC) Resources" in Securing Resources Using Roles and Policies for Oracle WebLogic Server.

Security Roles for JDBC MBeans

JDBC MBeans allow only the Admin and Deployer roles. The following sections provide information on the security roles defined for JDBC MBeans:

• JDBC Domain Configuration MBeans

• JDBC System Module MBeans

See "Default Security Policies for MBeans" in Oracle WebLogic Server MBean Reference for information on default security settings for WebLogic Server.

JDBC Domain Configuration MBeans

The following domain configuration JDBC MBeans that have settings that override the default security settings.

• JDBCConnectionPoolMBean (deprecated)

• JDBCDataSourceFactoryMBean (deprecated)

• JDBCDataSourceMBean (deprecated)

• JDBCMultiPoolMBean (deprecated)

• JDBCSystemResourceMBean

• JDBCTxDataSourceMBean (deprecated)

See "Domain Configuration MBeans" in Oracle WebLogic Server MBean Reference.

JDBC System Module MBeans

The following system module JDBC MBeans that have settings that override the default security settings.

• JDBCConnectionPoolParamsBean

• JDBCDataSourceBean

• JDBCDataSourceParamsBean

• JDBCDriverParamsBean

• JDBCPropertiesBean

• JDBCPropertyBean

• JDBCXAParamsBean

See "System Module MBeans" in Oracle WebLogic Server MBean Reference.