Skip navigation.

Securing WebLogic Resources

  Previous Next vertical dots separating previous/next from contents/index/pdf Contents Index View as PDF   Get Adobe Reader

Introduction and Roadmap

The following sections describe the content and organization of this document:


Document Scope

This document describes how to use security roles and security polices to protect different types of WebLogic resources. It includes information about resource types, options for securing EJB and Web application resources, different types of security roles and policies, and the components of a role and policy.

This document should be used in conjunction with:


Documentation Audience

This document is intended for the these audiences:


Guide to this Document

The document is organized as follows:

Related Information

Other WebLogic Server documents that may be of interest to Server or Application Administrators wanting to secure WebLogic resources are:

These documents provide additional information about specific resource types:

Tutorials and Samples

Additional security documents are listed on the Samples page.


New and Changed Features In This Release

WebLogic Server 9.0 introduces several changes to WebLogic Server resource security:

Resource Types

EJB and Web Application Resources


New resource type that can be secured using the Administration Console. See Work Context Resources.

Admin Resources

More methods (in addition to unlockUser) can be secured in the Administration Console. See Administrative Resources.

JDBC Resources

The list of Admin methods that can be accessed from the Administration Console has been updated. See Java DataBase Connectivity (JDBC) Resources.

Server Resources

Changes to methods that can be accessed and secured in the Administration Console: suspend and resume replace lock and unlock. See Server Resources.

Roles and Policies

Role and Policy Expressions

New built-in conditions are available for creating security role and policy expressions. See Components of a Security Role: Conditions, Expressions, and Statements and Components of a Security Policy: Conditions, Expressions, and Statements.

Role and Policy Management

Use the Roles and Policies tables to obtain a central listing of all security roles and policies in a security realm. See List Security Roles and List Security Policies in Administration Console Online Help.

New Default Group and Role

The AppTesters default group and AppTester global security role have been added. See Default Groups and Default Global Roles.

MBean Protections

The list of MBeans and methods secured by default global roles has been updated and expanded. See Protected MBean Attributes and Operations.


Skip navigation bar  Back to Top Previous Next