Technical data

14 Managing Security

14-8 Administration Guide

security realm. Reducing the frequency of such calls improves the performance. The

trade-off is that changes to the underlying security realm are not recognized until the

cached object expires.

Note: When you obtain an object from a security realm, the object reflects a snapshot

of the object. To update the object, call the object’s

get() method again. For

example, the membership of a Group is set when the Group is retrieved from

the security realm with a call to the

getGroup() method. To update the

members of the Group, you must call the

getGroup() method again.

By default, the Caching realm operates on the assumption that the alternate security

realm is case-sensitive. In a case-sensitive security realm, the owners of usernames

bill and Bill, for example are treated as two distinct Users. The Windows NT

Security realm and the LDAP Security realm are examples of security realms that are

not case-sensitive. If you are using a security realm that is not case-sensitive, you must

disable the CacheCaseSensitive attribute. When this attribute is set, the Caching realm

converts usernames to lowercase so that WebLogic Server gives correct results for the

security realm when it performs case-sensitive comparisons. When defining or

referencing Users or Groups in a case-sensitive security realm, type usernames in

lowercase.

To configure the Caching realm:

1. Go to the Security

→Caching Realms node in the left pane of the Administration

Console.

2. In the right pane of the Administration Console, click the Configure a New

Caching Realm link.

3. Define the attributes on the General tab in the Caching Realm Configuration

window.

The following table describes the attributes you set on the General tab.

Table 14-2 Caching Realm Attributes on the General Tab

Attribute Description

Name Displays the active security realm as defined

in the Administration Console. This attribute

can not be changed.