18 WebLogic Server Security
A security realm comprises mechanisms for protecting WebLogic Server resources. Each security realm consists of a set of configured security providers, users, groups, security roles, and security policies. A user must be defined in a security realm in order to access any WebLogic Server resources belonging to that realm. When a user attempts to access a particular WebLogic Server resource, WebLogic Server tries to authenticate and authorize the user by checking the security role assigned to the user in the relevant security realm and the security policy of the particular WebLogic Server resource.
Note:
To log into a domain partition, you must have the administrator role. For complete information, see Configuring Security in Using WebLogic Server MT.
If you are logged into a domain partition, navigate from the Domain Partition menu. Note that WebLogic Server Multitenant domain partitions, resource groups, resource group templates, and virtual targets are deprecated in WebLogic Server 12.2.1.4.0 and will be removed in the next release.
This chapter includes the following sections:
Create security realms
To create a new security realm:
The new security realm contains the following WebLogic Server security providers with the default configuration settings:
-
DefaultAuthenticator
-
DefaultIdentityAsserter
-
SystemPasswordValidator
-
XACMLAuthorizer
-
DefaultAdjudicator
-
XACMLRoleMapper
-
DefaultCredentialMapper
-
WebLogicCertPathProvider
After creating your security realm, you can change the security providers and provider settings from the WebLogic Server Administration Console.
Monitor WebLogic Server users and groups
This section describes how to monitor the users and groups in your domain. This section includes the following tasks:
Configure WebLogic Server users
This section describes how to create and configure users in your WebLogic Server domain. This section includes the following tasks:
Configure WebLogic Server groups
This section describes how to create and configure groups in your WebLogic Server domain. This section includes the following tasks: