Administration Console Online Help

WebLogic Server offers the following types of Authorization providers:

The XACML Authorization provider is the standard Authorization provider for the WebLogic Security Framework. It implements XACML 2.0, the standard access control policy markup language.
The WebLogic Authorization provider is an Authorization provider for the WebLogic Security Framework that implements a proprietary policy language. Note that the Administration Console refers to the WebLogic Authorization provider as the Default Authorizer, even though the XACML Authorization provider is configured by default instead.
The Realm Adapter Authorization provider accesses user and group information stored in Compatibility security realms.

Each security realm must have one at least one Authorization provider configured.

To configure an Authorization provider:

If you have not already done so, in the Change Center of the Administration Console, click Lock & Edit (see Use the Change Center).
In the left pane, select Security Realms, then click the name of the realm you are configuring (for example, myrealm).
Expand Providers > Authorization and click New.
The Create a New Authorization Provider page appears.
In the Name field of Create a New Authorization Provider, enter a name for the Authorization provider.
From the Type drop-down list, select the type of the Authorization provider and click OK.
Expand Providers > Authorization and click the name of the new Authorization provider to complete its configuration.
Optionally, on the Configuration:Provider Specific page for the Authorization provider, check Policy Deployment Enabled. Do this if you want to store security policies that are created when you deploy a Web application or an Enterprise JavaBean (EJB).
To activate these changes, in the Change Center, click Activate Changes.
After you finish configuring the Authorization provider, reboot WebLogic Server.

Configure Authorization providers