Introduction and Roadmap 1-3 ■ Chapter 8, Migrating Security Data, provides information about exporting and importing security data between security realms and security providers. ■ Chapter 9, Managing the Embedded LDAP Server, describes the management tasks associated with the embedded LDAP server used by the WebLogic security providers. ■ Chapter 10, Managing the RDBMS Security Store, describes the steps required to configure the RDBMS security store, which enables you to store the security data managed by several security providers in an external RDBMS system rather than in the embedded LDAP server. The use of the RDBMS security store is required for SAML 2.0 services when configured on multiple servers in a domain, such as in a cluster. ■ Chapter 11, Configuring Identity and Trust, describes how to configure identity and trust for WebLogic Server. ■ Chapter 12, Configuring SSL, describes how to configure SSL for WebLogic Server. ■ Chapter 13, Configuring Security for a WebLogic Domain, describes how to set security configuration options for a WebLogic domain. ■ Chapter 14, Using Compatibility Security, describes how to use Compatibility security, a security configuration mode designed for backwards compatibility with security realms developed under WebLogic Server 6.x. ■ Chapter 15, Security Configuration MBeans, describes which WebLogic Security MBeans and MBean attributes are dynamic can be changed without restarting the server and which are non-dynamic changes require a server restart.

1.4 Related Information

The following Oracle Oracle Fusion Middleware documents contain information that is relevant to the WebLogic Security Service: ■ Understanding Security for Oracle WebLogic Server—Summarizes the features of the WebLogic Security Service, including an overview of its architecture and capabilities. It is the starting point for understanding WebLogic security. ■ Developing Security Providers for Oracle WebLogic Server—Provides security vendors and application developers with the information needed to develop custom security providers that can be used with WebLogic Server. ■ Securing a Production Environment for Oracle WebLogic Server—Highlights essential security measures for you to consider before you deploy WebLogic Server in a production environment. ■ Securing Resources Using Roles and Policies for Oracle WebLogic Server—Introduces the various types of WebLogic resources, and provides information about how to secure these resources using WebLogic Server. This document focuses primarily on securing URL Web and Enterprise JavaBean EJB resources. ■ Programming Security for Oracle WebLogic Server—Describes how to develop secure Web applications. ■ Securing WebLogic Web Services for Oracle WebLogic Server—Describes how to develop and configure secure Web services. ■ Oracle WebLogic Server Administration Console Help—Many security configuration tasks can be performed using the WebLogic Administration Console. The consoles 1-4 Securing Oracle WebLogic Server online help describes configuration procedures and provides a reference for configurable attributes. ■ Upgrade Guide for Oracle WebLogic Server—Provides procedures and other information you need to upgrade from earlier versions of WebLogic Server to this release. It also provides information about moving applications from an earlier version of WebLogic Server to this release. For specific information on upgrading WebLogic Server security, see Upgrading a Security Provider in Upgrade Guide for Oracle WebLogic Server. ■ Oracle WebLogic Server API Reference—Provides reference documentation for the WebLogic security packages that are provided with and supported by this release of WebLogic Server.

1.5 Security Samples and Tutorials