Administration Console Online Help

Previous Next Open TOC in new window
Content starts here

Configure new security realms

Before you begin

Before creating a new security realm, you should decide:
  • What security providers you want to configure
  • What model to use to set security roles and security policies for Web application and EJB resources
  • Whether to enable automatic realm restart

For more information, see Before You Create a New Security Realm.

To create and configure a new security realm:

  1. If you have not already done so, in the Change Center of the Administration Console, click Lock & Edit (see Use the Change Center).
  2. In the left pane, select Security Realms.

    All the security realms available for the WebLogic domain are listed in the Realms table.

  3. Click New.
  4. On the Create a New Realm page, enter the name of the new security realm.
  5. If you want to configure the default set of security providers in the new security realm, select Create default providers within this new realm.

    This option is provided as a convenience mechanism for automatically configuring the following providers:

    • WebLogic Authentication provider, DefaultAuthenticator
    • WebLogic Identity Assertion provider, DefaultIdentityAsserter
    • Password Validation provider, SystemPasswordValidator
    • WebLogic XACML Authorization provider, XACMLAuthorizer
    • WebLogic Adjudication provider, DefaultAdjudicator
    • WebLogic XACML Role Mapping provider, XACMLRoleMapper
    • WebLogic Credential Mapping provider, DefaultCredentialMapper
    • WebLogic CertPath provider, WebLogicCertPathProvider

    Step 8, below, explains how to configure the requisite security providers individually, which you may prefer as an alternative to choosing the default set.

  6. Optionally, select Ignore Deploy Credential Mapping.
  7. Click OK.

    The new security realm is created.

  8. In the Summary of Security Realms page, click the name of the new security realm.
  9. Configure the required security providers for the security realm. In order for a security realm to be valid, you must configure an Authentication provider, an Authorization provider, an Adjudication provider, a Credential Mapping provider, a CertPathBuilder, and a Role Mapping provider. Otherwise, you will not be able to set the new security realm as the default security realm. For more information, see Manage security providers.
  10. Optionally, define an Identity Assertion and Auditing provider.
  11. Define groups and users for the security realm. For more information, see Manage users and groups.
  12. Grant users and groups in the security realm roles. For more information, see Manage security roles.
  13. Protect WebLogic resources in the security realm with security policies. For more information, see Securing Resources Using Roles and Policies for Oracle WebLogic Server.
  14. Optionally, set the new realm as the default security realm for the WebLogic domain. For more information, see Change the default security realm.
  15. In the Change Center, click Activate Changes.

Back to Top