Administration Console Online Help

Default Adjudicator --> General

Tasks     Additional Documentation     Attributes

Overview

Use this tab to configure an Adjudication provider for a security realm. When multiple Authorization providers are configured in a security realm, each may return a different answer to the "is access allowed" question for a given resource. This answer may be PERMIT, DENY, or ABSTAIN. Determining what to do if mulitple Authorization providers do not agree on the answer is the primary function of the Adjudication provider. Adjudication providers resolve authorization conflicts by weighting each Authorization provider's answer and returning a final decision.

By default, the WebLogic Adjudication provider is configured. The WebLogic Adjudication provider behaves as follows:

• If all Authorization providers return PERMIT, then PERMIT.

• If any Authorization providers return DENY, then DENY.

• If some Authorization providers return ABSTAIN and others return PERMIT, then PERMIT if unanimous permit is not required, DENY otherwise.

You can use a Custom Adjudication provider instead of the WebLogic Adjudication provider. For a Custom Adjudication provider to be available in the WebLogic Server Administration Console, the MBean JAR file for the provider must be in the WL_HOME\lib\mbeantypes directory.

Tasks

Configuring an Adjudication Provider

Additional Documentation

(Requires an Internet connection.)

Introduction to WebLogic Security

Managing WebLogic Security

Programmimg WebLogic Security

Developing Security Providers for WebLogic Server

Securing a WebLogic Server Deployment

Upgrading Security in WebLogic Server Version 6.x to WebLogic Server Version 7.0

Security FAQ

The Security page in the WebLogic Server documentation

Attributes