Contents

Title and Copyright Information

Preface

Part I Overview of WebLogic Server Security Administration

1 Introduction and Roadmap

2 Security Management Concepts

3 WebLogic Server Security Standards

4 Configuring Security for a WebLogic Domain

5 Customizing the Default Security Configuration

Part II Configuring Security Providers

6 About Configuring WebLogic Security Providers

7 Configuring Authorization and Role Mapping Providers

8 Configuring the WebLogic Auditing Provider

9 Configuring Credential Mapping Providers

10 Configuring the Certificate Lookup and Validation Framework

Part III Configuring Authentication Providers

11 About Configuring the Authentication Providers in WebLogic Server

12 Configuring the WebLogic Authentication Provider

13 Configuring LDAP Authentication Providers

14 Configuring RDBMS Authentication Providers

15 Configuring the Windows NT Authentication Provider

16 Configuring the SAML Authentication Provider

17 Configuring the Password Validation Provider

18 Configuring Identity Assertion Providers

19 Configuring the Virtual User Authentication Provider

Part IV Configuring Single Sign-On

20 Configuring Single Sign-On with Microsoft Clients

21 Configuring Single Sign-On with Web Browsers and HTTP Clients Using SAML

22 Configuring SAML 1.1 Services

23 Configuring SAML 2.0 Services

24 Enabling Debugging for SAML 1.1 and 2.0

Part V Managing Security Information

25 Migrating Security Data

26 Managing the RDBMS Security Store

27 Managing the Embedded LDAP Server

Part VI Configuring SSL

28 Overview of Configuring SSL in WebLogic Server

29 Configuring Keystores

30 Configuring Oracle OPSS Keystore Service

31 Using Host Name Verification

32 Specifying a Client Certificate for an Outbound Two-Way SSL Connection

33 SSL Debugging

34 SSL Certificate Validation

35 Using JCE Providers with WebLogic Server

36 Enabling FIPS Mode

37 Specifying the SSL Protocol Version

38 Using the JSSE-Based SSL Implementation

39 X.509 Certificate Revocation Checking

40 Configuring an Identity Keystore Specific to a Network Channel

41 Configuring RMI over IIOP with SSL

42 Using a Certificate Callback Handler to Validate End User Certificates

Part VII Advanced Security Topics

43 Configuring Cross-Domain Security

44 Configuring JASPIC Security

45 Security Configuration MBeans

Part VIII Appendixes

A Keytool Command Summary

B Using Certificate Chains (Deprecated)

C Interoperating With Keystores From Prior Versions