about this package
The examples in this directory demonstrate various uses for WebLogic's
security APIs: WebLogic SSL and WebLogic ACLs.
- The acl example
demonstrates how to restrict access to a WebLogic object with an access
control list (ACL). You define an ACL in the default
WebLogic realm, and then include code in an RMI object to check the list for
authorization before allowing a user to execute it.
The cert example
demonstrates how to set up a class that translates a client certificate,
authenticated via two-way SSL authentication, into an authenticated
WebLogic user. The SimpleCertAuthenticator example extracts the email
name found in the client certificate and returns it as an authenticated
The formauth example shows how to
force authentication on a web page using WebLogic JSP. When you add
the JSP code to the beginning and end of an HTML page, a login form is
displayed. The body of the HTML page is not displayed until the user
enters a username and password that are valid in the WebLogic security
- The proxy
example is a graphical interface implementation of the weblogic.common.ProxyAuthenticator
- The rdbmsrealm
example extends the WebLogic realm with users, groups, ACLs, and
permissions stored in a relational database.
- The delegatingrealm
example allows you to delegate realm services among different classes. For example,
you could delegate User and Group services to UnixRealm and ACL support to RDBMSRealm.
You set properties in a properties file to specify the implementation for each
- The audit
example demonstrates how to implement the weblogic.security.audit.LogProvider interface, a
Security Auditing SPI that lets you audit interesting events such as
authentication requests and Acl tests. This example writes these
messages to the WebLogic Server log. Another implementation might send
messages to a database or an administrative console.
there's more . . .
Read more about WebLogic Security in the Developers Guides,
WebLogic SSL, and