Overview of Security Management

 

Audience

How Security Changed in WebLogic Server


Change in Scope of Security Realms
Security Providers
Security Policies Instead of ACLs
WebLogic Resources
Deployment Descriptors and the WebLogic Server Administration Console

 

The Default Security Configuration in WebLogic Server

Configuration Steps for Security

What Is Compatibility Security?

Management Tasks Available in Compatibility Security

 

Customizing the Default Security Configuration

 

Why Customize the Default Security Configuration?

Creating a New Security Realm

Testing a New Security Realm

Setting a New Security Realm as the Default (Active) Security Realm

Deleting a Security Realm

Reverting to a Previous Security Configuration

 

Configuring Security Providers

 

When Do I Need to Configure a Security Provider?

Configuring a WebLogic Adjudication Provider

Configuring a WebLogic Auditing Provider

Choosing an Authentication Provider

Configuring an Authentication Provider: Main Steps

Setting the JAAS Control Flag Attribute

Configuring an LDAP Authentication Provider


Requirements for Using an LDAP Authentication Provider
Configuring a LDAP Authentication Provider
Setting LDAP Server and Caching Information
Locating Users in the LDAP Directory
Locating Groups in the LDAP Directory
Locating Members of a Group in the LDAP Directory
Accessing Other LDAP Servers
Configuring Failover for LDAP Authentication Providers

 

Configuring a WebLogic Authentication Provider

Configuring a Realm Adapter Authentication Provider

Configuring a WebLogic Identity Assertion Provider


Configuring Identity Assertion Performance in the Server Cache

 

Changing the Order of Authentication Providers

Configuring a User Name Mapper

Configuring a Custom User Name Mapper

Configuring a WebLogic Authorization Provider

Configuring a WebLogic Credential Mapping Provider

Configuring a WebLogic Keystore Provider

Configuring a WebLogic Role Mapping Provider

Configuring a Custom Security Provider

Deleting a Security Provider

 

Migrating Security Data

 

Overview of Security Data Migration

Migration Concepts

Importing and Exporting Security Data from Security Realms

Importing and Exporting Security Data from Security Providers

Using the weblogic.Admin Utility

 

Single Sign-On with Enterprise Information Systems

 

Overview

Using Deployment Descriptors to Create Credential Maps (Deprecated)


Importing Information from weblogic-ra.xml into the Embedded LDAP Server
Avoiding Overwriting of Credential Mapping Information

 

Using the WebLogic Administration Console to Create Credential Maps

 

Managing the Embedded LDAP Server

 

Configuring the Embedded LDAP Server

Embedded LDAP Server Replication

Configuring Backups for the Embedded LDAP Server

Viewing the Contents of the Embedded LDAP Server from an LDAP Browser

Exporting and Importing Information in the Embedded LDAP Server

LDAP Access Control Syntax


The Access Control File
Access Control Location
Access Control Scope
Access Rights
Attribute Permissions
Entry Permissions
Attributes Types
Subject Types
Grant/Deny Evaluation Rules

 

Configuring SSL

 

SSL: An Introduction

Private Keys, Digital Certificates, and Trusted Certificate Authorities

One-Way and Two-Way SSL

Setting Up SSL: Main Steps

Obtaining Private Keys, Digital Certificates, and Trusted Certificate Authorities


Using the Cert Gen Utility
Using Certificate Chains (Deprecated)
Converting a Microsoft p7b Format to PEM Format
Using Your Own Certificate Authority
Getting a Digital Certificate for a Web Browser

 

Storing Private Keys, Digital Certificates, and Trusted Certificate Authorities


Creating a Keystore and Loading Private Keys and Trusted Certificate Authorities into the Keystore
Common Keytool Commands

 

How WebLogic Server Locates Trust

Configuring Keystores

Configuring SSL

Configuring Two-Way SSL

Disabling the SSL Port

Using Host Name Verification

Enabling SSL Debugging

SSL Session Behavior

Configuring SSL for the Node Manager


SSL Requirements for Administration Servers
SSL Requirements for Managed Servers
SSL Requirements for the Node Manager
Host Name Verification Requirements
Identity and Trust: Demonstration Versus Production
Node Manager SSL Demonstration Configuration: Main Steps
Node Manager SSL Production Configuration: Main Steps
Using Files and the WebLogic Keystore Provider

 

Configuring RMI over IIOP with SSL

SSL Certificate Validation


Controlling the Level of Certificate Validation
Checking Certificate Chains
Troubleshooting Problems with Certificates

 

Using the nCipher JCE Provider with WebLogic Server

Specifying the Version of the SSL Protocol

Using the SSL Protocol to Connect to WebLogic Server from weblogic.Admin


Ensure Two-Way SSL Is Disabled on the SSL Server
Use a Secure Port in the URL
Specify Trust for weblogic.Admin
Specify Host Name Verification for weblogic.Admin

 

Protecting User Accounts

 

Protecting Passwords

Setting Lockout Attributes for User Accounts

Unlocking a User Account

 

Configuring Security for a WebLogic Domain

 

Enabling Trust Between WebLogic Server Domains

Configuring Connection Filtering

Viewing MBean Attributes

 

Using Compatibility Security

 

Running Compatibility Security: Main Steps

The Default Security Configuration in the CompatibilityRealm

Configuring the Identity Assertion Provider in the Realm Adapter Authentication Provider

Configuring a Realm Adapter Auditing Provider

Protecting User Accounts in Compatibilty Security

Accessing 6.x Security from Compatibility Security

Skip footer navigation  Back to Top Previous Next