Resource Types You Can Secure with Policies 3-3

3.2 Application Resources

An application resource is an enterprise application, Web application, or other Java EE module that you deploy as a stand-alone application for example, you can deploy Web Services and JDBC modules as stand-alone applications. You secure an application resource when you want to protect all resources that constitute the application. For example, securing an enterprise application protects access to all WebLogic resources within that application see Figure 3–2 . Figure 3–2 Application Resource Protects All Resources See Section 2.1.1.2, Protecting a Hierarchy of Resources.

3.3 COM Resources

A COM resource represents a package that contains one or more jCOM classes. jCOM is a software bridge that allows bidirectional access between JavaJava EE objects deployed in WebLogic Server and Microsoft ActiveX components available within the Microsoft Office family of products, Visual Basic and C++ objects, and other Component Object ModelDistributed Component Object Model COMDCOM environments. View domain and server logs through the Administration Console. Admin, Deployer, Operator, Monitor Yes Unlock users who have been locked out of their accounts. Admin Yes Table 3–1 Cont. Activities And Default Policies For Administrative Resources Administrative Activities Default Policy Allows These Roles Also Protected By a JMX Resource? 3-4 Securing Resources Using Roles and Policies for Oracle WebLogic Server A policy on a COM resource protects access to all jCOM objects in a package. For related information, see Configuring Access Control in Programming JCOM for Oracle WebLogic Server.

3.4 EJB Resources

An EJB Enterprise JavaBean resource is an EJB deployment module JAR, individual EJB, or individual method in an EJB. EJB resources exist within a hierarchy of resources, and at the top of the hierarchy is an application resource. See Section 2.1.1.2, Protecting a Hierarchy of Resources. Because the Java EE platform standardizes EJB security in deployment descriptors, WebLogic Server integrates this standard mechanism with its Security Service to give you a choice of techniques for securing EJB resources. For more information, see Chapter 4, Options for Securing Web Application and EJB Resources.

3.5 Enterprise Information Systems EIS Resources