Security policies for EJB (enterprise JavaBean) resources apply to a specific type of WebLogic resource related to deployed EJBs. You can create security policies for EJB JARs, individual EJBs within an EJB JAR, or for individual methods on an EJB.
Note: These instructions also apply to Message-driven Beans (MDBs).
Note: If you loaded security policies for the EJB application from deployment descriptors using the Deployment Assistant, you need to Activate Changes and start the application in order to access the policies.
The way you access security policies differs slightly depending on how your EJBs are deployed. Start with step1 or step 2:
Deployments > MyEAR > EJBModule > myEJB
Deployments > MyEJBApp
To apply a security role to the entire EJB application and its contents: select Security > Application Scope > Policies
To apply a security role to all of the EJBs in the EJB JAR: select Security > Module Scope > Policies
To apply a security role to an individual bean, expand the deployment, click the EJB and select Security > Policies.