Inc. Server User Manual

Upgrading Security

BEA WebLogic Server 7.0 Upgrade Guide 1-11

9. Reboot WebLogic Server.

10. Expand the Domains-->Security nodes.

11. Select the General tab.

12. Set the security realm in which you configured the Realm Adapter Authentication

provider as the default security realm.

13. Click Apply.

Note: ACLs cannot be upgraded to WebLogic Server 7.0.

Guest User

The guest user is no longer supplied by default in WebLogic Server 7.0. To use the

guest user, you must run in Compatibility security or define the guest user as a user

in the default Authentication provider for your security realm. For information about

defining users, see “Creating Users” in Securing WebLogic Resources.

In WebLogic Server 6.x, the

guest user identified any unauthenticated user

(anonymous user) as a guest user and allowed the guest user access to WebLogic

Server resources. In 7.0, WebLogic Server distinguishes between the guest user and an

anonymous user. To use the guest user as you did in WebLogic Server 6.x, add the

guest user to the default Authentication provider and set the following property when

starting WebLogic Server:

-Dweblogic.security.anonymousUserName=guest

Without this command line property, the anonymous user will have the name of

<anonymous>.

password.ini File

Previous releases of WebLogic Server supported the use of a password.ini file for

determining the administrative identity of a WebLogic Server deployment. The

password.ini file is no longer supported in WebLogic Server 7.0. It is replaced by

the

boot.properties file, which contains your username and password in an

encrypted format. For more information about using the

boot.properties file, see