Technical data

8 Protecting System Administration Operations

8-2 Configuring and Managing WebLogic Server

Operations Available to Each Role

Table 8-1 describes the four global roles that WebLogic Server uses to determine

access privileges for system administration operations, and the permissions granted to

each role.

No user, regardless of role membership, can view the non-encrypted version of an

encrypted attribute.

Table 8-1 Global Roles and Permissions

Global Role Permissions

Admin View the server configuration, including the encrypted value of

encrypted attributes.

Modify the entire server configuration.

Deploy applications, EJBs, startup and shutdown classes, J2EE

Connectors, and Web Service components, and edit deployment

descriptors.

Start, resume, and stop servers by default. “Permissions for Starting

and ShuttingDown a WebLogic Server” on page 8-8, provides more

information.

Deployer View the server configuration, except for encrypted attributes.

Deploy applications, EJBs, startup and shutdown classes, J2EE

Connectors, and Web Service components, and edit deployment

descriptors.

Operator View the server configuration, except for encrypted attributes.

Start, resume, and stop servers by default. “Permissions for Starting

and ShuttingDown a WebLogic Server” on page 8-8, provides more

information.

Monitor View the server configuration, except for encrypted attributes.

This role effectively provides read-only access to the

Administration Console,

weblogic.Admin utility and MBean

APIs.