Introduction to Securing WebLogic Resources

 

Overview of Securing WebLogic Resources

Audience for This Guide

Terms and Concepts

Securing WebLogic Resources: Main Steps

 

Types of WebLogic Resources

 

Overview of WebLogic Resource Types

Administrative Resources

Application Resources

Enterprise Information Systems (EIS) Resources

COM Resources

Java DataBase Connectivity Resources

Java Messaging Service Resources

Java Naming and Directory Interface (JNDI) Resources

Server Resources


Layered Security Scheme for Server Resources
Security Policies for Server Resources
MBean Protections
How the WebLogic Security Service Verifies Layered Protections
Example of Layered Protection for a Server Resource
Maintaining a Consistent Security Scheme
Permissions for Starting and Shutting Down Servers
Permissions for Using the weblogic.Server Command
Permissions for Using the Node Manager
Shutting Down a WebLogic Server Instance

 

URL (Web) and EJB (Enterprise JavaBean) Resources


Techniques for Securing URL and EJB Resources
Using the WebLogic Server Administration Console
Using Deployment Descriptors
Using the Administration Console and Deployment Descriptors
Prerequisites for Securing URL and EJB Resources
Understanding How to Check Security Roles and Security Policies
Understanding What to Do on Future Redeploys of the WebLogic Resource
How to Change the Check Roles and Policies and Future Redeploys Settings
Understanding How These Settings Interact
Using the Combined Technique to Secure Your URL and EJB Resources
Copying Security Configurations
Reinitializing Security Configurations

 

Web Service Resources

 

Users and Groups

 

Overview of Users and Groups

Creating Users

Adding Users to Groups

Modifying Users

Deleting Users

Default Groups

Creating Groups

Nesting Groups

Modifying Groups

Deleting Groups

 

Security Roles

 

Overview of Security Roles

Dynamic Role Mapping

Types of Security Roles: Global Roles and Scoped Roles

Using the Administration Console to Create Security Roles

Default Global Roles


Protected MBean Attributes and Operations

 

Default Group Associations

Components of a Security Role: Role Conditions, Expressions, and Role Statements

Working with Global Roles


Creating Global Roles
Modifying Global Roles
Deleting Global Roles

 

Working with Scoped Roles


Creating Scoped Roles
Step 1: Select the WebLogic Resource
Step 2: Create the Scoped Role
Step 3: Create the Role Conditions
Modifying Scoped Roles
Deleting Scoped Roles

 

Security Policies

 

Overview of Security Policies

Security Policy Granularity and Inheritance

Security Policy Storage and Prerequisites for Use

Default Security Policies

Protected Public Interfaces

Components of a Security Policy: Policy Conditions, Expressions, and Policy Statements

Working with Security Policies


Creating Security Policies
Step 1: Select the WebLogic Resource
Step 2: Create the Policy Conditions
Modifying Security Policies
Deleting Security Policies

Skip footer navigation  Back to Top Previous Next