WebLogic Auditing Provider-->General
Tasks Related Topics Attributes
Overview
Use this page to configure a WebLogic Auditing provider for a security realm. Note that the WebLogic Server Administration Console refers to the WebLogic Auditing provider as the Default Auditor.
Auditing is the process whereby information about operating requests and the outcome of those requests are collected, stored, and disturbed for the purposes of nonrepudiation. In other words, auditing provides an electronic trail of computer activity. In the WebLogic Server security architecture, an Auditing provider is used to provide auditing services.
If configured, the WebLogic Server Security Framework will call through to an Auditing provider before and after security operations (such as authentication or authorization) have been performed, enabling audit event recording. The decision to audit a particular event is made by the Auditing provider itself and can be based on specific audit criteria and/or severity levels. The records containing the audit information may be written to output repositories such as an LDAP back-end, database, and a simple file.
All auditing information recorded by the WebLogic Auditing provider is saved in WL_HOME\mydomain\myserver\DefaultAuditRecorder.log. Auditing is configured for the security realm but each server instance writes to its own file.
You can use a custom Auditing provider instead of the WebLogic Auditing provider. For a custom Auditing provider to be available through the WebLogic Server Administration Console, the MBean JAR file for the provider must be in the WL_HOME\lib\mbeantypes directory.
Tasks
Configuring a WebLogic Auditing Provider
Related Topics
Introduction to WebLogic Security
Developing Security Providers for WebLogic Server
Securing a Production Environment
The Security topics in the WebLogic Server 8.1 Upgrade Guide
The Security page in the WebLogic Server documentation
Attributes
|
|
|