Download Docs   Site Map   Glossary  Search

Administration Console Online Help

WebLogic Adjudication Provider-->General

Tasks     Related Topics     Attributes

Overview

Use this tab to configure a WebLogic Adjudication provider for a security realm.

Note: The Administration Console refers to the WebLogic Adjudication provider as the Default Adjudicator.

When multiple Authorization providers are configured in a security realm, each may return a different answer to the "is access allowed" question for a given resource. This answer may be PERMIT, DENY, or ABSTAIN. Determining what to do if mulitple Authorization providers do not agree on the answer is the primary function of the Adjudication provider. Adjudication providers resolve authorization conflicts by weighting each Authorization provider's answer and returning a final decision.

By default, the WebLogic Adjudication provider is configured. The WebLogic Adjudication provider behaves as follows:

• If all Authorization providers return PERMIT, then PERMIT.
• If any Authorization providers return DENY, then DENY.
• If some Authorization providers return ABSTAIN and others return PERMIT, then PERMIT if unanimous permit is not required, DENY otherwise.

You can use a Custom Adjudication provider instead of the WebLogic Adjudication provider. For a Custom Adjudication provider to be available in the WebLogic Server Administration Console, the MBean JAR file for the provider must be in the WL_HOME\lib\mbeantypes directory.

Tasks

Configuring a New Security Realm

Configuring the WebLogic Adjudication Provider

Configuring a Custom Security Provider

Related Topics

Introduction to WebLogic Security

Managing WebLogic Security

Programmimg WebLogic Security

Developing Security Providers for WebLogic Server

Securing a WebLogic Server Deployment

Upgrading Security in WebLogic Server Version 6.x to WebLogic Server Version 7.0

Security FAQ

The Security page in the WebLogic Server documentation

Attributes