Manualshelf

Technical data

ManualsBrandsBEA ManualsComputer equipmentWebLogic Server 7
231232233234235236237238239240
14 Managing Security
14-2 Administration Guide
Steps for Configuring Security
Implementing security in a WebLogic Server deployment largely consists of
configuring attributes that define the security policy for that deployment. WebLogic
Server provides an Administration Console to help you define the security policy for
your deployment. Using the Administration Console, you specify security-specific
values for the following elements of your deployment:
n Security realms
n Users and Groups
n Access Control Lists (ACLs) and permissions for WebLogic Server resources
n SSL protocol
n Mutual authentication
n Host Name verification
n Audit providers
n Custom filters
n Security context propagation
Because security features are closely related, it is difficult to determine where to start
when configuring security. In fact, defining security for your WebLogic Server
deployment may be an iterative process. Although more than one sequence of steps
may work, BEA Systems recommends the following procedure:
1. Change the password of the
system User to protect your WebLogic Server
deployment. See “Changing the System Password.”
2. Specify a security realm. By default, WebLogic Server is installed with the File
realm in place. However, you may prefer an alternate security realm or a custom
security realm. See “Specifying a Security Realm.”
3. Define Users for the security realm. You can organize Users further by
implementing Groups in the security realm. See “Defining Users.”
4. Define ACLs and permissions for the resources in your WebLogic Server
deployment. See “Defining ACLs.”