Configure Authorization providers

Before you begin

If automatic realm restart is enabled, you do not need to restart WebLogic Server for non-dynamic changes made to the security providers to go into effect. See Enable automatic realm restart and Using Automatic Realm Restart.

WebLogic Server offers the following types of Authorization providers:

The XACML Authorization provider is the standard Authorization provider for the WebLogic Security Framework. It implements XACML 2.0, the standard access control policy markup language.
The WebLogic Authorization provider is an Authorization provider for the WebLogic Security Framework that implements a proprietary policy language. Note that the Administration Console refers to the WebLogic Authorization provider as the Default Authorizer, even though the XACML Authorization provider is configured by default instead.

Each security realm must have one at least one Authorization provider configured.

To configure an Authorization provider:

If you have not already done so, in the Change Center of the Administration Console, click Lock & Edit (see Use the Change Center).
In the left pane, select Security Realms, then click the name of the realm you are configuring (for example, myrealm).
Expand Providers > Authorization and click New.
The Create a New Authorization Provider page appears.
In the Name field of Create a New Authorization Provider, enter a name for the Authorization provider.
From the Type drop-down list, select the type of the Authorization provider and click OK.
Expand Providers > Authorization and click the name of the new Authorization provider to complete its configuration.
Optionally, on the Configuration:Provider Specific page for the Authorization provider, check Policy Deployment Enabled. Do this if you want to store security policies that are created when you deploy a Web application or an Enterprise JavaBean (EJB).
In the Change Center, click Activate Changes.

Administration Console Online Help