WebLogic Server 6.1 Examples: Package examples.security

Package

Class

WebLogic Server 6.1 Code Examples, BEA Systems, Inc.

Package examples.security

The examples.security package includes code examples that demonstrate the following security features of WebLogic Server:

Security realms (both default and custom)
Authentication of clients
Authorization of Users and Groups through access control lists (ACLs)
The Java Authentication and Authorization Service (JAAS) SPI
The Secure Sockets Layer (SSL) protocol
Auditing of events
Filtering of client connections

Security Examples Summary

acl Demonstrates how to restrict access to a WebLogic resource (in this case a RMI object) with an ACL. You define an ACL in the fileRealm security realm and include code to check the permission for the RMI object before allowing a user to execute it.

audit Demonstrates writing an audit provider using the weblogic.security.audit package. Audit providers allow you to log security events that occur in the WebLogic Server environment.

cert Demonstrates how to set up a class that translates the digital certificate for a client authenticated via mutual authentication into an authenticated WebLogic User. The SimpleCertAuthenticator example extracts the email name found in the digital certificate and returns it as an authenticated WebLogic User.

sslclient Demonstrates making an outbound SSL connection from an application client or from within WebLogic Server through a servlet.

jaas Demonstrates using the Java Authentication and Authorization Service (JAAS) to authenticate a client based on a supplied username and password or a digital certificate.

net Demonstrates writing a connection filter that implements the weblogic.security.net.ConnectionFilter interface. Connection filters allow you to reject or accept client connections to the WebLogic Server environment based on the client's origin and protocol.

proxy A graphical implementation of the weblogic.common.ProxyAuthenticator interface. The interface allows an application to provide the authentication data required when tunneling WebLogic HTTP and SSL protocols through a proxy server that requires user authentication.

rdbmsrealm Demonstrates how to write a custom security realm that stores Users, Groups, and ACLs in a relational database.

See the individual example pages for instruction on how to build, configure, and run the code examples.

There's More...

Read more about WebLogic Security in Programming WebLogic Security and Managing Security.

Overview

Package

Class

Documentation is available at
http://e-docs.bea.com/wls/docs61/

Security Examples Summary
acl	Demonstrates how to restrict access to a WebLogic resource (in this case a RMI object) with an ACL. You define an ACL in the fileRealm security realm and include code to check the permission for the RMI object before allowing a user to execute it.
audit	Demonstrates writing an audit provider using the weblogic.security.audit package. Audit providers allow you to log security events that occur in the WebLogic Server environment.
cert	Demonstrates how to set up a class that translates the digital certificate for a client authenticated via mutual authentication into an authenticated WebLogic User. The SimpleCertAuthenticator example extracts the email name found in the digital certificate and returns it as an authenticated WebLogic User.
sslclient	Demonstrates making an outbound SSL connection from an application client or from within WebLogic Server through a servlet.
jaas	Demonstrates using the Java Authentication and Authorization Service (JAAS) to authenticate a client based on a supplied username and password or a digital certificate.
net	Demonstrates writing a connection filter that implements the weblogic.security.net.ConnectionFilter interface. Connection filters allow you to reject or accept client connections to the WebLogic Server environment based on the client's origin and protocol.
proxy	A graphical implementation of the weblogic.common.ProxyAuthenticator interface. The interface allows an application to provide the authentication data required when tunneling WebLogic HTTP and SSL protocols through a proxy server that requires user authentication.
rdbmsrealm	Demonstrates how to write a custom security realm that stores Users, Groups, and ACLs in a relational database.