Administration Console Online Help

Domain-->Compatibility Security-->General

Overview

Use this page to configure an Auditing provider for the CompatibilityRealm and to disable the guest user for a WebLogic domain. This page applies to WebLogic Server deployments using Compatibility Security.

The Auditing provider installed from this page must be an implementation of the weblogic.security.audit interface. This interface is deprecated in this release of WebLogic Server.

The guest user is automatically provided in Compatibility security. When authorization is not required, WebLogic Server assigns the guest identity to an client, thus giving the client access to any resources that are available to the guest user. A client can log in as the guest user by entering guest as the username and password when prompted by a Web browser or in a Java client. By default, the guest account is disabled. For a more secure deployment, BEA recommends running WebLogic Server with the guest account disabled.

Tasks

Setting Up Compatibility Security: Main Steps

Disabling the Guest User

Installing an Audit Provider

Attributes

Attribute Label	Description	Value Constraints
Audit Provider Class	MBean: `weblogic.management. configuration. SecurityMBean` Attribute: `AuditProviderClassName`	Configurable: yes Readable: yes Writable: yes
Guest Disabled	Specifies whether or not guest logins can be used to access WebLogic Server resources. MBean: `weblogic.management. configuration. SecurityMBean` Attribute: `GuestDisabled`	Default: `true` Readable: yes Writable: yes

Attribute Label

Description

Value Constraints

Audit Provider Class

MBean: weblogic.management. configuration. SecurityMBean

Attribute: AuditProviderClassName

Configurable: yes

Readable: yes

Writable: yes

Guest Disabled

Specifies whether or not guest logins can be used to access WebLogic Server resources.