Before you begin
Understand the WebLogic Security Framework. For an introduction, see Understanding Security for Oracle WebLogic Server.
Learn about how to customize and administer a WebLogic security realm. See Administering Security for Oracle WebLogic Server.
Learn about how to secure applications and other WebLogic resources. See Securing Resources Using Roles and Policies for Oracle WebLogic Server.
Because your WebLogic Server production environment is likely to contain a number of Managed Servers and application resources (such as EARs, WARs, and EJBs) deployed to these servers, ensuring that your environment is secure means ensuring that each piece of the environment is secure. Each time you create a new WebLogic Server instance or deploy a new module, you should secure them or at minimum, double check that they are already secured by an existing security policy.
The basic elements of the WebLogic Security Framework include: