e-docs > WebLogic Server > Managing WebLogic Security

Managing WebLogic Security

 Previous Next Contents View as PDF  

Overview of Security Management

Audience

How Security Changed in WebLogic Server

Change in Scope of Security Realms

Security Providers

Security Policies Instead of ACLs

WebLogic Resources

Deployment Descriptors and the WebLogic Server Administration Console

The Default Security Configuration in WebLogic Server

Configuration Steps for Security

What Is Compatibility Security?

Management Tasks Available in Compatibility Security

Customizing the Default Security Configuration

Why Customize the Default Security Configuration?

Creating a New Security Realm

Setting a New Security Realm as the Default (Active) Security Realm

Deleting a Security Realm

Reverting to a Previous Security Configuration

Configuring Security Providers

When Do I Need to Configure a Security Provider?

Configuring a WebLogic Adjudication Provider

Configuring a WebLogic Auditing Provider

Choosing an Authentication Provider

Configuring an Authentication Provider: Main Steps

Setting the JAAS Control Flag Attribute

Configuring an LDAP Authentication Provider

Requirements for Using an LDAP Authentication Provider

Configuring a LDAP Authentication Provider

Setting LDAP Server and Caching Information

Locating Users in the LDAP Directory

Locating Groups in the LDAP Directory

Locating Members of a Group in the LDAP Directory

Configuring Failover for LDAP Authentication Providers

Configuring a WebLogic Authentication Provider

Configuring a Realm Adapter Authentication Provider

Configuring a WebLogic Identity Assertion Provider

Using a User Name Mapper with the WebLogic Identity Assertion Provider

Configuring an LDAP X509 Identity Assertion Provider

Ordering of Identity Assertion for Servlets

Configuring a WebLogic Authorization Provider

Configuring a WebLogic Credential Mapping Provider

Configuring a WebLogic Keystore Provider

Configuring a WebLogic Role Mapping Provider

Configuring a Custom Security Provider

Deleting a Security Provider

Single Sign-On with Enterprise Information Systems

Overview

Using Deployment Descriptors to Create Credential Maps

Using the WebLogic Administration Console to Create Credential Maps

Managing the Embedded LDAP Server

Configuring the Embedded LDAP Server

Configuring Backups for the Embedded LDAP Server

Viewing the Contents of the Embedded LDAP Server from an LDAP Browser

Exporting and Importing Information in the Embedded LDAP Server

Access Control Syntax

The Access Control File

Access Control Location

Access Control Scope

Access Rights and Permissions

Attribute Permissions

Entry Permissions

Attributes Types

Subject Types

Grant/Deny Evaluation Rules

Configuring SSL

SSL: An Introduction

Private Keys, Digital Certificates and Trusted Certificate Authorities

One-Way and Two-Way SSL

Setting Up SSL: Main Steps

Obtaining Private Keys, Digital Certificates and Trusted Certificate Authorities

Using the Cert Gen Utility

Using the Certificate Request Generator Servlet

Using Certificate Chains

Converting a Microsoft p7b Format to PEM Format

Using Your Own Certificate Authority

Getting a Digital Certificate for a Web Browser

Storing Private Keys, Digital Certificates, and Trusted Certificate Authorities

Creating a Keystore and Loading Private Keys and Trusted Certificate Authorities into the Keystore

Common Keytool Commands

Configuring the WebLogic Server Keystore Provider to Locate a Keystore

Using a JKS Keystore

Enabling the SSL Port

Setting Attributes for One-Way SSL

Setting Attributes for Two-Way SSL

Command-Line Arguments for SSL

Enabling SSL Debugging

SSL Session Behavior

Using Host Name Verification

Configuring SSL for the Node Manager

SSL Requirements for Administration Servers

SSL Requirements for Managed Servers

SSL Requirements for the Node Manager

Identity and Trust: Demonstration Versus Production

Host Name Verification Requirements

Node Manager SSL Demonstration Configuration: Main Steps

Node Manager SSL Production Configuration: Main Steps

Configuring the Administration Server to Use SSL

Configuring a Managed Server to Use SSL

Configuring the Node Manager to Use SSL

Configuring RMI over IIOP with SSL

SSL Certificate Validation

Controlling the Level of Certificate Validation

Checking Certificate Chains

Troubleshooting Problems with Certificates

Using the nCipher JCE Provider with WebLogic Server

Specifying the Version of the SSL Protocol

Using the SSL Protocol to Connect to WebLogic Server from weblogic.Admin

Ensure Two-Way SSL is Disabled on the SSL Server

Use a Secure Port in the URL

Specify Trust for weblogic.Admin

Specify Host Name Verification for weblogic.Admin

Using the SSL Protocol with a BEA Tuxedo Client and WebLogic Server

Protecting User Accounts

Protecting Passwords

Setting Lockout Attributes for User Accounts

Unlocking a User Account

Configuring Security for a WebLogic Domain

Enabling Trust Between WebLogic Domains

Configuring Connection Filtering

Using Compatibility Security

Running Compatibility Security: Main Steps

The Default Security Configuration in the CompatibilityRealm

Configuring the Identity Assertion Provider in the Realm Adapter Authentication Provider

Configuring a Realm Adapter Auditing Provider

Protecting User Accounts in Compatibilty Security

Accessing 6.x Security from Compatibility Security

 

Back to Top Previous Next