Administering Security Realms

A security realm is a container for the mechanisms that are used to protect WebLogic resources. Your WebLogic Server is installed with a default security realm, named myrealm. The default security realm simplifies the configuration and management of security by providing pre-configured

• WebLogic authentication

• Identity assertion

• Authorization

• Adjudication

• Role mapping

• Credential mapping

If the default security realm meets your security requirements, you need only to define

• Groups

• Users

• Global Roles

To configure groups, users, and global roles for the default security realm, expand Security and Realms in the navigation tree and click on myrealm. The User Management tab on this console page enables you to manage the three items in the preceding list. The Administration Console help provides a detailed overview for managing your WebLogic security realm. The table of contents panel on the left side of the console help provides direct links to the step-by-step guides for the administrative tasks of configuring the security realm.

WebLogic Server enables you to create a new security realm if the default security realm does not suit your security requirements. The security realm configuration page enables you to combine WebLogic and custom security providers in the configuration of the new security realm. The new security realm must then be set as the default security realm for your domain. To create a new security realm, click on the Realms node in the navigation tree. The Realms console page provides the Configure a New Realm link.