Introduction to Programing WebLogic Security
Audience for This Guide
What Is Security?
Security APIs
JAAS Client Application APIs Java JAAS Client Application APIs WebLogic JAAS Client Application APIsSSL Client Application APIs Java SSL Client Application APIs WebLogic SSL Client Application APIsOther APIs Security Tasks and Code Examples
Securing webapps
J2EE Security Model
Declarative Authorization Programmatic Authorization Declarative Versus Programmatic Authorization Authentication With Web Browsers
User Name and Password Authentication Digital Certificate Authentication Multiple webapps, Cookies, and Authentication
Developing Secure webapps
Developing BASIC Authentication webapps Developing FORM Authentication webapps Developing CLIENT-CERT Authentication webapps Deploying webapps Using Declarative Security With webapps
Using the <externally-defined> Tag With webapps
Using Programmatic Security With webapps
Using the Programmatic Authentication API
Using JAAS Authentication in Java Clients
JAAS and WebLogic Server
JAAS Authentication Development Environment
JAAS Authentication APIs JAAS Client Application Components WebLogic LoginModule Implementation Writing a Client Application Using JAAS Authentication
Using JNDI Authentication
Java Client JAAS Authentication Code Examples
Using SSL Authentication in Java Clients
JSSE and WebLogic Server
Using JNDI Authentication
SSL Certificate Authentication Development Environment
SSL Authentication APIs SSL Client Application Components Writing Applications that Use SSL
Communicating Securely From WebLogic Server to Other WebLogic Servers Writing SSL Clients SSLClient SampleSSLSocketClient SampleSSLClientServlet Sample Using Two-Way SSL Authentication Two-Way SSL Authentication with JNDI Writing a User Name MapperUsing Two-Way SSL Authentication Between WebLogic Server InstancesUsing Two-Way SSL Authentication with ServletsUsing a Custom Host Name Verifier Using a Trust Manager Using a Handshake Completed Listener Using an SSLContext Using an SSL Server Socket Factory Using URLs to Make Outbound SSL Connections SSL Client Code Examples
J2EE Architecture Security Model
Declarative Authorization Programmatic Authorization Declarative Versus Programmatic Authorization Using Declarative Security With EJBs
Using the <externally-defined> Tag with EJBs
Using Programmatic Security With EJBs
Using Network Connection Filters
The Benefits of Using Network Connection Filters
Connection Filter Interfaces ConnectionFilter InterfaceConnectionFilterRulesListener Interface Connection Filter Classes ConnectionFilterImpl ClassConnectionEvent Class Guidelines for Writing Connection Filter Rules
Connection Filter Rules Syntax Types of Connection Filter Rules How Connection Filter Rules are Evaluated Configuring the WebLogic Connection Filter
Developing Custom Connection Filters
Connection Filter Examples
SimpleConnectionFilter Example SimpleConnectionFilter2 Example Example of the accept Method Used in Filtering Network Connections Using Java Security to Protect WebLogic Resources
Using J2EE Security to Protect WebLogic Resources
Using the Java Security Manager to Protect WebLogic Resources
Setting Up the Java Security Manager Modifying the weblogic.policy file for General Use Setting Application-Type Security PoliciesSetting Application-Specific Security PoliciesUsing the Recording Security Manager Utility