In a WebLogic resource adapter,
you can either have a single security identity that can perform all
functions, or use separate identities for separate classes of functions.
You can define the following four types of security identities in the
weblogic-ra.xml deployment descriptor:
default principal: a security principal that can perform all
resource adapter tasks
run-as principal: a security principal used by calls from the
connector container into the resource adapter code during connection
run-work-as principal: a security principal used for Work
instances launched by the resource adapter.
manage-as principal: a security principal used for resource
adapter management tasks, such as startup, shutdown, testing, and