Authentication Security Provider Service
The Authentication Security Provider Service lets you do the following:
The settings on this page apply to all authentication providers connected to WebLogic Server, unless a provider does not allow a given task to be performed from the WebLogic Administration Portal.
The following table describes the fields and default values for the Authentication Security Provider Service. Updates to any field on this page require either enterprise application redeployment or server restart.
Field | Default Value | Description |
Enable Group Predicate Text Entry |
No |
Some authentication providers may not allow user/group read access by external tools such as the WebLogic Administration Portal. If providers do not allow read access to users and groups, you can activate a text box entry field in the User & Groups, Delegated Administration, and Visitor Entitlements tools for those providers. The text box lets you enter the names of known users and groups, letting you assign profiles for those users or groups, as well as define Delegated Administration and Visitor Entitlements rules using those users and groups. When a user from that non-readable authentication provider logs in, WebLogic Portal uses the profile for the user and can check whether or not the user belongs to any Delegated Administration or Visitor Entitlement groups. Set the value to Yes to enable text box entry. |
Roles That Can Read Groups |
Admin |
For each user or group management task, you can designate which roles are allowed to perform the task. Roles can be domain-level roles or portal application-level roles (Delegated Administration). The Anonymous role is any unauthenticated user. The Self role is for any authenticated user to perform self service, such as adding oneself to a group or changing one's password. For multiple entries, press Enter after each. |
Roles That Can Create Groups |
Admin |
|
Roles That Can Update Groups |
Admin |
|
Roles That Can Delete Groups |
Admin |
|
Roles That Can Read Users |
Anonymous |
|
Roles That Can Create Users |
Admin |
|
Roles That Can Update Users |
Admin |
|
Roles That Can Delete Users |
Admin |
|
Reserved Users |
None. The field is empty. |
User or group names you enter in a Reserved field will not be created in any provider. User or group names you enter in a Protected Field will not be deleted from any provider. For multiple entries, press Enter after each. You do not have to add names that are reserved or protected by default by WebLogic Server. |
Protected Users |
None. The field is empty. |
|
Reserved Groups |
None. The field is empty. |
|
Protected Groups |
None. The field is empty. |
Related Help Topics: