Skip navigation.

eDocs Home > BEA WebLogic Server 8.1 Documentation > Administration Console Online Help > Global Roles

Administration Console Online Help

  Previous Next vertical dots separating previous/next from contents/index/pdf Contents Index

 

Global Roles

Security roles are abstract, logical collections of users similar to a group. The difference between groups and security roles is that a group is a static identity a server administrator assigns, while membership in a security role is dynamically calculated based on data such as username, group membership, or the time of day. Security roles are granted to individual users or to groups. For more efficient management, BEA recommends granting security roles to groups rather than to individual users. Once you create a security role, you define an association between the security role and a WebLogic resource. This association (called a security policy) specifies who has what access to the WebLogic resource.

Global roles, the types of security roles you work with here, are security roles that apply to all WebLogic resources in a security realm. You can also create scoped roles, or security roles that apply to a specific instance of a WebLogic resource (such as a method of an EJB or a branch of a JNDI tree), by right-clicking the WebLogic resource.

This Global Roles page displays key information about each global security role that has been configured in this security realm.

All the global roles defined in the security realm are listed in the Roles table. The Provider column in the Roles table indicates the Role Mapping provider in which the role is defined.

To delete a global role, click on the trash can icon that is located in the same row as the global role you want to delete.

To define a new global role in the security realm, click the Configure a new Role... link.

 

Skip navigation bar  Back to Top Previous Next