Default Security Policies for MBeans
To connect to a WebLogic Server MBean server, a JMX client must supply credentials for a user who has been defined in the WebLogic Server domain's security realm. To further secure the MBeans that have been registered in an MBean server, WebLogic Server uses security roles and policies.
By default, a WebLogic Server security realm contains four global security roles: Admin, Deployer, Operator, and Monitor, and the default security policies for WebLogic Server MBeans grant the following permissions:
userExistsmethod on security provider MBeans.
Security providers can override these default settings. To modify these defaults from the Administration Console, see Create JMX policies.
For more information, see Default Security Policies for MBeans.