This chapter describes how to create and monitor security realms and how to monitor and configure WebLogic Server users and groups.
A security realm comprises mechanisms for protecting WebLogic resources. Each security realm consists of a set of configured security providers, users, groups, security roles, and security policies. A user must be defined in a security realm in order to access any WebLogic resources belonging to that realm. When a user attempts to access a particular WebLogic resource, WebLogic Server tries to authenticate and authorize the user by checking the security role assigned to the user in the relevant security realm and the security policy of the particular WebLogic resource.
This chapter includes the following sections:
To create a new security realm:
From the WebLogic Domain dropdown menu, select Security, then select Security Realms.
The Security Realms table displays information about the security realms that have been configured in the current domain.
Click Create.
On the Create a Security Realm page, enter a name for the new security realm in the Name field.
Click Create.
The new security realm contains the following WebLogic security providers with the default configuration settings:
DefaultAuthenticator
DefaultIdentityAsserter
SystemPasswordValidator
XACMLAuthorizer
DefaultAdjudicator
XACMLRoleMapper
DefaultCredentialMapper
WebLogicCertPathProvider
After creating your security realm, you can change the security providers and provider settings from the WebLogic Server Administration Console.
For more information, see Configuration Options.
To monitor the security realms configured in a domain:
From the WebLogic Domain dropdown menu, select Security, then select Security Realms.
The Security Realms table displays information about the security realms that have been configured in the current domain, such as:
Name
Default Realm
Deploy Credential Mapping Ignored
Deploy Policy Ignored
Deploy Role Ignored
For more information about these fields, see Configuration Options.
Optionally, select View to access the following table options:
Columns: add or remove the columns displayed in the table
Detach: detach the table (viewing option)
Sort: sort the columns in ascending or descending order
Reorder: change the order of the columns displayed
Query by Example
This section describes how to monitor the users and groups in your domain. This section includes the following tasks:
To monitor users:
From the WebLogic Domain dropdown menu, select Security, then select Users and Groups.
Select the Users page.
The Users table displays information about the users that have been configured in the current domain, such as:
Name
Description
Groups
Provider
For more information about these fields, see Configuration Options.
Optionally, select View to access the following table options:
Columns: add or remove the columns displayed in the table
Detach: detach the table (viewing option)
Sort: sort the columns in ascending or descending order
Reorder: change the order of the columns displayed
Query by Example
To monitor groups:
From the WebLogic Domain dropdown menu, select Security, then select Users and Groups.
Select the Groups page.
The Groups table displays information about the groups that have been configured in the current domain, such as:
Name
Description
Provider
For more information about these fields, see Configuration Options.
Optionally, select View to access the following table options:
Columns: add or remove the columns displayed in the table
Detach: detach the table (viewing option)
Sort: sort the columns in ascending or descending order
Reorder: change the order of the columns displayed
Query by Example
This section describes how to create and configure users in your WebLogic Server domain. This section includes the following tasks:
To create a new user:
From the WebLogic Domain dropdown menu, select Security, then select Users and Groups.
Select the Users page.
The Users table displays information about the users that have been configured in the current domain, such as:
Name
Description
Groups
Provider
For more information about these fields, see Configuration Options.
Click Create.
From the Create a New User page, you can define the properties for your new user, including:
Name (must be unique)
Description
Provider
Password
For more information about these fields, see Configuration Options.
Click Create.
To configure general settings for a user:
From the WebLogic Domain dropdown menu, select Security, then select Users and Groups.
Select the Users page.
The Users table displays information about the users that have been configured in the current domain.
In the Users table, select the name of the user you want to configure.
Select General Settings.
From the General Settings page, you can change the description for the selected user. Enter a description in the Description field.
For more information, see Configuration Options.
Click Save.
To configure password settings for a user:
From the WebLogic Domain dropdown menu, select Security, then select Users and Groups.
Select the Users page.
The Users table displays information about the users that have been configured in the current domain.
In the Users table, select the name of the user you want to configure.
Select Passwords.
From the Passwords page, you can change the password for the selected user. Enter a password in the Password and Confirm Password fields.
For more information, see Configuration Options.
Click Save.
To configure attribute settings for a user:
From the WebLogic Domain dropdown menu, select Security, then select Users and Groups.
Select the Users page.
The Users table displays information about the users that have been configured in the current domain.
In the Users table, select the name of the user you want to configure.
Select Attributes.
From the Attributes page, you can modify the values of the attributes for this selected user.
For more information, see Configuration Options.
Click Save.
To configure group settings for a user:
From the WebLogic Domain dropdown menu, select Security, then select Users and Groups.
Select the Users page.
The Users table displays information about the users that have been configured in the current domain.
In the Users table, select the name of the user you want to configure.
Select Groups.
From the Groups page, you can configure group membership for the selected user.
For more information, see Configuration Options.
Click Save.
This section describes how to create and configure groups in your WebLogic Server domain. This section includes the following tasks:
To create a new group:
From the WebLogic Domain dropdown menu, select Security, then select Users and Groups.
Select the Groups page.
The Groups table displays information about the groups that have been configured in the current domain, such as:
Name
Description
Provider
For more information about these fields, see Configuration Options.
Click Create.
From the Create a New Group page, you can define the properties for your new user, including:
Name (must be unique)
Description
Provider
For more information about these fields, see Configuration Options.
Click Create.
To configure general settings for a group:
From the WebLogic Domain dropdown menu, select Security, then select Users and Groups.
Select the Groups page.
The Groups table displays information about the groups that have been configured in the current domain.
In the Groups table, select the name of the user you want to configure.
Select General Settings.
From the General Settings page, you can change the description for the selected group. Enter a description in the Description field.
For more information, see Configuration Options.
Click Save.
To configure membership settings for a group:
From the WebLogic Domain dropdown menu, select Security, then select Users and Groups.
Select the Groups page.
The Groups table displays information about the groups that have been configured in the current domain.
In the Groups table, select the name of the user you want to configure.
Select Membership.
From the Membership page, you can configure group membership for the selected group.
For more information, see Configuration Options.
Click Save.