Administration Console Online Help

    Previous Next  Open TOC in new window 
Content starts here

Use roles and policies to secure resources

To secure a resource in a WebLogic Server domain, you create a policy and an optional role. A resource is an entity (such as a Web Service or a server instance) or an action (such as a method in a Web Service or the act of shutting down a server instance). A policy specifies which users, groups, or roles can access the resource under a set of conditions. A security role, like a security group, grants an identity to a user. Unlike a group, however, membership in a role can be based on a set of conditions that are evaluated at runtime. For a list of all resource types, see Types of WebLogic Resources.

For most types of WebLogic resources, you use the Administration Console to define the security policies and roles that restrict access. However, for Web application and EJB resources, you can also use deployment descriptors. See Manage security for Web applications and EJBs.

To use the Administration Console to secure WebLogic resource:

  1. Create users and groups.

    See Manage users and groups.

  2. BEA recommends that you use security roles to secure WebLogic resources (instead of users or groups), because doing so increases efficiency for administrators who work with many users. You can use the default roles that WebLogic Server provides or create your own.

    See Manage security roles.

  3. Create security policies.

    See Manage security policies.

Related Topics

  Back to Top