Your SlideShare is downloading. ×
Weblogic training-course-navi-mumbai-weblogic-course-provider-navi-mumbai
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.


Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Weblogic training-course-navi-mumbai-weblogic-course-provider-navi-mumbai


Published on

Best Weblogic Training course provider Navi Mumbai, Weblogic Training course details,Weblogic Training coaching center Navi Mumbai,Weblogic Training course syllabus navi mumbai,Weblogic Training …

Best Weblogic Training course provider Navi Mumbai, Weblogic Training course details,Weblogic Training coaching center Navi Mumbai,Weblogic Training course syllabus navi mumbai,Weblogic Training courses Navi Mumbai,Weblogic Training course training center Navi Mumbai,Weblogic Training courses

Published in: Education, Technology

  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. Vibrant Technologies & Computers weblogic COURSE Make Career With Us!! B2/6/2 Vashi ,Navi Mumbai,
  • 2. B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 Security Realm  A security realm comprises mechanisms for protecting WebLogic resources.  Each security realm consists of a set of:  Users  Groups  Security roles  Security policies  Configured security providers  A user must be defined in a security realm in order to access any WebLogic resource belonging to that realm.  When a user attempts to access a particular WebLogic resource, WebLogic Server tries to authenticate and authorize the user by checking the security role assigned to the user in the relevant security realm and the security policy of the particular WebLogic resource.
  • 3. B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 WebLogic Server Security Realm Default Group, Security Roles, Security Policies Security Providers Defined users, Groups, Security Roles W ebLogic Resources Defined Scoped Security Roles and Security Policies Security P rovider Databases
  • 4. B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 Users  Users are entities that can be authenticated in a security realm.  A user can be:  A person (application end user)  A software entity (a client application)  Other instance of WebLogic Server.  Authentication a user is assigned an identity (principal) each user is given a unique identity within the security realm!  If WebLogic can verify the identity of the user (based on the username and credential), WebLogic Server associates the principal with a thread that executes code on behalf of the user.  Users (or groups) are associated with security roles.  Authorization: before the thread begins executing code, WebLogic Server checks the security policy of the WebLogic resource and the principal to make sure that the user has required permissions to continue.
  • 5. B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 Groups  Groups are logically ordered sets of users.  Groups are used to provide different levels of access to WebLogic resources to different users, depending on their functions.  Managing groups is more efficient than managing large numbers of users individually.  All user names and groups must be unique within a security realm.
  • 6. B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 Security Roles  A security role is a privilege granted to users (groups) based on specific conditions.  Like groups, security roles allow to restrict access to WebLogic resource for several users at once.  Unlike groups, security roles:  Are computed and granted dynamically, based on conditions (user name, group membership, time of the day).  Can be scoped to specific WebLogic resources within a single application in a WebLogic Server domain (groups are always scoped to an entire WebLogic Server domain).  Granting a security role to a user (group) confers the defined access privileges to that user (group), as long as the user is “in” the security role. Multiple users or groups can be granted a single security role.
  • 7. B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 Security policies  A security policy is an association between a WebLogic resource and one or more users, groups, or security roles.  Security policies protect the WebLogic resource against unauthorized access.  A policy condition – a condition under which a security policy will be created.  WebLogic Server provides a set of default policy conditions. WebLogic Server includes policy conditions that access ◦ HTTP Servlet Request ◦ Session attributes ◦ EJB method parameters.  Date and Time policy conditions are included in the Policy Editor.
  • 8. B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 Security providers  Security providers are modules that provide security services to application to protect WebLogic resources.  You can: ◦ Use the security providers that are provided as part of the WebLogic Server product. ◦ Purchase custom security providers from third-party security vendors. ◦ Develop your own custom security providers.
  • 9. B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 Security Provider Databases  Contains ◦ Users ◦ Groups ◦ Security roles ◦ Security policies ◦ Credentials  The security provider database can be: ◦ The embedded LDAP server ◦ An external LDAP server ◦ A properties file ◦ A production-quality, customer-supplied database.  The security provider database should be initialized the first time security providers are used. ◦ When a WebLogic Server instance boots. ◦ When a call is made to one of the security provider’s MBeans.
  • 10. B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 Types of security providers  Authentication Providers  Assertion Providers  Principal Validation Providers  Authorization Providers  Adjudication Providers  Role Mapping Providers  Auditing Providers  Credential Mapping Providers  CerthPath Providers  Keystore Providers  WebLogic Realm Adapter Providers
  • 11. B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 The Authentication process Client Application W ebLogic Server LoginM odules Principal Validation Provider Username/Passw ord Su b ject Sign JAAS Login
  • 12. B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 Authentication Providers  Allow WebLogic Server to establish trust by validating a user.  The default (active) security realm for WebLogic Server includes a WebLogic Authentication Provider. ◦ It supports:  Delegated username/password authentication.  WebLogic server security digest and certificate authentication.  HTTP certificate authentication proxied through an external Web server. ◦ Allows to edit, list and manage users and group membership.  WebLogic Server provides additional Authentication Providers: ◦ A set of LDAP Authentication providers ◦ A set of Database Base Management System (DBMS) Authentication Providers  SQL Authentication Provider  Read-only SQL Authentication Provider  Custom DBMS Authentication Provider
  • 13. B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 The Authorization Process
  • 14. B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 The Auditing Process
  • 15. Where to Get More Information B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 Vibrant Group: Vibrant Technologies & Computers Vibrant HR Team