Securing WebLogic Resources

Introduction and Roadmap

Document Scope

Documentation Audience

Guide to this Document

Related Information

Tutorials and Samples

New and Changed Features In This Release

Resource Types

EJB and Web Application Resources

WorkContext

Admin Resources

JDBC Resources

Server Resources

Roles and Policies

Role and Policy Expressions

Role and Policy Management

New Default Group and Role

MBean Protections

Understanding WebLogic Resource Security

Overview of Securing WebLogic Resources

Resource Security Process

Securing WebLogic Resources: Main Steps

Types of WebLogic Resources

Overview of WebLogic Resource Types

Administrative Resources

Administrative Operations

Application Resources

COM Resources

Enterprise Information Systems (EIS) Resources

EJB Resources

Java DataBase Connectivity (JDBC) Resources

JDBC Operations

Java Messaging Service (JMS) Resources

JMS Operations

Select ALL Methods

Select Individual Methods

Java Naming and Directory Interface (JNDI) Resources

JNDI Operations

Server Resources

Server Operations

Layered Security Scheme for Server Resources

Default Security Policies for Server Resources

MBean Protections

How the WebLogic Security Service Enforces Layered Protections

Maintaining a Consistent Security Scheme

Permissions for Starting and Shutting Down Servers

Permissions for Using the weblogic.Server Command

Permissions for Using the Node Manager

Web Application Resources

Web Service Resources

Work Context Resources

Accessing Resources Using the Administration Console

Options for Securing EJB and Web Application Resources

Security Techniques and Security Models

JAAC Security

Choose a Security Technique

Using the WebLogic Server Administration Console

Using Deployment Descriptors

Using the Administration Console and Deployment Descriptors

Choose a Security Model

Deployment Descriptors Only Model

Customize Roles Model

Customize Roles and Policies Model

Security Realm Configuration (Advanced Model)

Using the Advanced Security Model

Understanding How to Check Security Roles and Security Policies

Using the fullyDelegateAuthorization Flag

Understanding the On Future Redeploys Setting

How The Check Roles and Policies and On Future Redeploys Settings Interact

How to Modify Check Roles and Policies and On Future Redeploys Settings

Using the Combined Technique with the Advanced Security Model

Copying Security Configurations From a Deployment Descriptor

Reinitializing Security Configurations

Understanding the Combined Role Mapping Enabled Setting

Usage examples

Changing the default setting

Users, Groups, And Security Roles

Overview of Users and Groups

Default Groups

Adding Users To Administrators Group

Using the Administration Console to Manage Users and Groups

Overview of Security Roles

Dynamic Role Mapping

Dynamic Role Mapping and Security Policies

Types of Security Roles: Global Roles and Scoped Roles

Default Global Roles

Protected MBean Attributes and Operations

Components of a Security Role: Conditions, Expressions, and Statements

Role Conditions

Basic Role Conditions

Date and Time Role Conditions

Context Element Role Conditions

Role Expressions

Role Statement

Using the Administration Console to Manage Security Roles

Security Policies

Overview of Security Policies

Security Policy Granularity and Inheritance

Security Policy Storage and Prerequisites for Use

Default Security Policies

Protected Public Interfaces

Components of a Security Policy: Conditions, Expressions, and Statements

Policy Conditions

Basic Policy conditions

Date and Time Policy Conditions

Context Element Policy Conditions

Policy Expressions

Policy Statement

Using the Administration Console to Manage Security Policies

Contact BEA |  Feedback |  Privacy  |