Title and Copyright Information


Part I Overview of WebLogic Server Security Administration

1 Introduction and Roadmap

2 Security Management Concepts

3 WebLogic Server Security Standards

4 Configuring Security for a WebLogic Domain

5 Customizing the Default Security Configuration

Part II Configuring Security Providers

6 About Configuring WebLogic Security Providers

7 Configuring Authorization and Role Mapping Providers

8 Configuring the WebLogic Auditing Provider

9 Configuring Credential Mapping Providers

10 Configuring the Certificate Lookup and Validation Framework

Part III Configuring Authentication Providers

11 About Configuring the Authentication Providers in WebLogic Server

12 Configuring the WebLogic Authentication Provider

13 Configuring LDAP Authentication Providers

14 Configuring RDBMS Authentication Providers

15 Configuring the Windows NT Authentication Provider

16 Configuring the SAML Authentication Provider

17 Configuring the Password Validation Provider

18 Configuring Identity Assertion Providers

19 Configuring the Virtual User Authentication Provider

20 Configuring the Oracle Identity Cloud Integrator Provider

Part IV Configuring Single Sign-On

21 Configuring Single Sign-On with Microsoft Clients

22 Configuring Single Sign-On with Web Browsers and HTTP Clients Using SAML

23 Configuring SAML 1.1 Services

24 Configuring SAML 2.0 Services

25 Enabling Debugging for SAML 1.1 and 2.0

Part V Managing Security Information

26 Migrating Security Data

27 Managing the RDBMS Security Store

28 Managing the Embedded LDAP Server

Part VI Configuring SSL

29 Overview of Configuring SSL in WebLogic Server

30 Configuring Keystores

31 Configuring Oracle OPSS Keystore Service

32 Using Host Name Verification

33 Specifying a Client Certificate for an Outbound Two-Way SSL Connection

34 SSL Debugging

35 SSL Certificate Validation

36 Using JCE Providers with WebLogic Server

37 Enabling FIPS Mode

38 Specifying the SSL Protocol Version

39 Using the JSSE-Based SSL Implementation

40 X.509 Certificate Revocation Checking

41 Configuring an Identity Keystore Specific to a Network Channel

42 Configuring RMI over IIOP with SSL

43 Using a Certificate Callback Handler to Validate End User Certificates

Part VII Advanced Security Topics

44 Configuring Cross-Domain Security

45 Configuring JASPIC Security

Part VIII Appendixes

A Keytool Command Summary

B Interoperating With Keystores From Prior Versions