Weblogic training-course-navi-mumbai-weblogic-course-provider-navi-mumbai

311 views
236 views

Published on

weblogic-course-provider-navi-mumbai-weblogic-classes-navi-mumbai-weblogic-training-navi-mumbai
B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173
enquiry@vibrantgroup.co.in

Published in: Education, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
311
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
14
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Weblogic training-course-navi-mumbai-weblogic-course-provider-navi-mumbai

  1. 1. Vibrant Technologies & Computers weblogic COURSE Make Career With Us!! B2/6/2 Vashi ,Navi Mumbai,
  2. 2. weblogictraining.vibranttechnologies.co.in Security Realm  A security realm comprises mechanisms for protecting WebLogic resources.  Each security realm consists of a set of:     Users Groups Security roles Security policies  Configured security providers  A user must be defined in a security realm in order to access any WebLogic resource belonging to that realm. When a user attempts to access a particular WebLogic resource, WebLogic Server tries to authenticate and authorize the user by checking the security role assigned to the user in the relevant security realm and the security policy of the particular WebLogic resource. B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 weblogictraining.vibranttechnologies.co.in 
  3. 3. weblogictraining.vibranttechnologies.co.in WebLogic Server Security Realm Defined Scoped Security Roles and Security Policies Default Group, Security Roles, Security Policies Defined users, Groups, Security Roles Security Provider Databases Security Providers B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 weblogictraining.vibranttechnologies.co.in WebLogic Resources
  4. 4. weblogictraining.vibranttechnologies.co.in Users   Users are entities that can be authenticated in a security realm. A user can be:  A person (application end user)  A software entity (a client application)  Other instance of WebLogic Server.  Authentication (principal) a user is assigned an identity each user is given a unique identity within the security realm!  If WebLogic can verify the identity of the user (based on the username and credential), WebLogic Server associates the principal with a thread that executes code on behalf of the user.  Users (or groups) are associated with security roles.  Authorization: before the thread begins executing code, WebLogic Server checks the security policy of the WebLogic resource and the principal to make sure that the user has required permissions to continue. B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 weblogictraining.vibranttechnologies.co.in
  5. 5. weblogictraining.vibranttechnologies.co.in Groups  Groups are logically ordered sets of users.  Groups are used to provide different levels of access to WebLogic resources to different users, depending on their functions.  Managing groups is more efficient than managing large numbers of users individually.  All user names and groups must be unique within a security realm. B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 weblogictraining.vibranttechnologies.co.in
  6. 6. weblogictraining.vibranttechnologies.co.in Security Roles  A security role is a privilege granted to users (groups) based on specific conditions.  Like groups, security roles allow to restrict access to WebLogic resource for several users at once.  Unlike groups, security roles:  Are computed and granted dynamically, based on conditions (user name, group membership, time of the day).  Can be scoped to specific WebLogic resources within a single application in a WebLogic Server domain (groups are always scoped to an entire WebLogic Server domain).  Granting a security role to a user (group) confers the defined access privileges to that user (group), as long as the user is “in” the security role. Multiple users or groups can be granted a single security role. B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 weblogictraining.vibranttechnologies.co.in
  7. 7. weblogictraining.vibranttechnologies.co.in Security policies  A security policy is an association between a WebLogic resource and one or more users, groups, or security roles.  Security policies protect the WebLogic resource against unauthorized access.  A policy condition – a condition under which a security policy will be created.  WebLogic Server provides a set of default policy conditions. WebLogic Server includes policy conditions that access ◦ HTTP Servlet Request ◦ Session attributes ◦ EJB method parameters.  Date and Time policy conditions are included in the Policy Editor. B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 weblogictraining.vibranttechnologies.co.in
  8. 8. weblogictraining.vibranttechnologies.co.in Security providers  Security providers are modules that provide security services to application to protect WebLogic resources.  You can: ◦ Use the security providers that are provided as part of the WebLogic Server product. ◦ Purchase custom security providers from third-party security vendors. ◦ Develop your own custom security providers. B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 weblogictraining.vibranttechnologies.co.in
  9. 9. weblogictraining.vibranttechnologies.co.in Security Provider Databases  Contains ◦ ◦ ◦ ◦ ◦  The security provider database can be: ◦ ◦ ◦ ◦  Users Groups Security roles Security policies Credentials The embedded LDAP server An external LDAP server A properties file A production-quality, customer-supplied database. The security provider database should be initialized the first time security providers are used. ◦ When a WebLogic Server instance boots. ◦ When a call is made to one of the security provider’s MBeans. B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 weblogictraining.vibranttechnologies.co.in
  10. 10. weblogictraining.vibranttechnologies.co.in Types of security providers            Authentication Providers Assertion Providers Principal Validation Providers Authorization Providers Adjudication Providers Role Mapping Providers Auditing Providers Credential Mapping Providers CerthPath Providers Keystore Providers WebLogic Realm Adapter Providers B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 weblogictraining.vibranttechnologies.co.in
  11. 11. weblogictraining.vibranttechnologies.co.in The Authentication process JAAS Login Username/Password LoginModules WebLogic Server Client Application Subject Sign B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 weblogictraining.vibranttechnologies.co.in Principal Validation Provider
  12. 12. weblogictraining.vibranttechnologies.co.in Authentication Providers   Allow WebLogic Server to establish trust by validating a user. The default (active) security realm for WebLogic Server includes a WebLogic Authentication Provider. ◦ It supports:  Delegated username/password authentication.  WebLogic server security digest and certificate authentication.  HTTP certificate authentication proxied through an external Web server. ◦ Allows to edit, list and manage users and group membership.  WebLogic Server provides additional Authentication Providers: ◦ A set of LDAP Authentication providers ◦ A set of Database Base Management System (DBMS) Authentication Providers  SQL Authentication Provider  Read-only SQL Authentication Provider  Custom DBMS Authentication Provider B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 weblogictraining.vibranttechnologies.co.in
  13. 13. weblogictraining.vibranttechnologies.co.in The Authorization Process B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 weblogictraining.vibranttechnologies.co.in
  14. 14. weblogictraining.vibranttechnologies.co.in The Auditing Process B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 weblogictraining.vibranttechnologies.co.in
  15. 15. weblogictraining.vibranttechnologies.co.in Where to Get More Information Vibrant Group: www.vibrantgroup.co.in Vibrant Technologies & Computers www.vibranttechnologies.co.in/technologies.vibrantgroup .co.in Vibrant HR Team www.hr.vibrangroup.co.in B2/6/2 Vashi ,Navi Mumbai, Contact:09892900103/9892900173 weblogictraining.vibranttechnologies.co.in

×