OTN Home > Oracle WebLogic Server 12.2.1.1.0 Documentation > Administration Console Online Help > Use roles and policies to secure resources

Administration Console Online Help

Previous Next Open TOC in new window
Content starts here

Use roles and policies to secure resources


To secure a resource in a WebLogic Server domain, you create a policy and an optional role. A resource is an entity (such as a Web Service or a server instance) or an action (such as a method in a Web Service or the act of shutting down a server instance). A policy specifies which users, groups, or roles can access the resource under a set of conditions. A security role, like a security group, grants an identity to a user. Unlike a group, however, membership in a role can be based on a set of conditions that are evaluated at runtime. For a list of all resource types, see Resource Types You Can Secure with Policies.

For most types of WebLogic resources, you use the Administration Console to define the security policies and roles that restrict access. However, for Web application and EJB resources, you can also use deployment descriptors. See Manage security for Web applications and EJBs.

To use the Administration Console to secure WebLogic resource:

  1. Create users and groups.

    See Manage users and groups.

  2. Oracle recommends that you use security roles to secure WebLogic resources (instead of users or groups), because doing so increases efficiency for administrators who work with many users. You can use the default roles that WebLogic Server provides or create your own.

    See Manage security roles.

  3. Create security policies.

    See Manage security policies.

Related Topics


Back to Top