Because your WebLogic Server production environment is likely to contain a number of Managed Servers and application resources (such as EARs, WARs, and EJBs) deployed to these servers, ensuring that your environment is secure means ensuring that each piece of the environment is secure. Each time you create a new WebLogic Server instance or deploy a new module, you should secure them or at minimum, double check that they are already secured by an existing security policy.

The basic elements of the WebLogic Security Framework include:

• Manage security realms
• Manage users and groups
• Manage security for Web applications and EJBs
• Manage security roles
• Manage security policies
• Manage security providers

Note: This release of WebLogic Server includes Compatibility security, which supports security realms developed in WebLogic Server 6.x. For information about configuring compatibility security, see Set up Compatibility security and Using Compatibility Security. Compatibility security is deprecated in this release of WebLogic Server and will not be supported in future major releases. Oracle encourages users of compatibility security to migrate their usage forward.