Skip to Main Content
WebLogic: The Definitive Guide
book

WebLogic: The Definitive Guide

by Jon Mountjoy, Avinash Chugh
February 2004
Intermediate to advanced content levelIntermediate to advanced
848 pages
27h 25m
English
O'Reilly Media, Inc.
Content preview from WebLogic: The Definitive Guide

The Security Provider Architecture

Let’s now turn our attention to WebLogic’s infrastructure for application-level security. WebLogic defines a standard set of SSPIs that provide high-level security services. WebLogic also supplies a default set of security providers that implement these SSPIs. These default security providers support and enhance the standard J2EE role-based security framework. In fact, they also allow you to programmatically control its behavior. There are two important characteristics of this security framework:

Modular

The SSPIs are split into discrete modules so that each security provider can deal with different but specific aspects of WebLogic’s security (e.g., authentication, authorization, auditing, and more).

Pluggable

Because these security providers live behind a layer of SSPIs, WebLogic makes it easier to replace or enhance the default implementation with your own or a third-party implementation.

The SSPIs hide the actual implementation of the security providers, thereby enabling you to plug in and play your own modules and modify selected aspects of the security. For instance, the default Authentication Provider can be replaced with one that supports some form of biometric recognition, or the Auditing Provider can be replaced with one that notifies interested parties after a user has made a certain number of failed attempts to log in.

A security realm is a logical grouping of users, groups, roles, and security policies, along with a complete set of security ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Building Microservices with Spring Boot, Second Edition

Building Microservices with Spring Boot, Second Edition

Josh Long / Phillip Webb
Spring Microservices in Action, Second Edition

Spring Microservices in Action, Second Edition

John Carnell, Illary Huaylupo Sanchez
Kubernetes: Up and Running, 2nd Edition

Kubernetes: Up and Running, 2nd Edition

Brendan Burns, Joe Beda, Kelsey Hightower
Learn OpenShift

Learn OpenShift

Denis Zuev, Artemii Kropachev, Aleksey Usov

Publisher Resources

ISBN: 059600432XErrata Page