Configuring Security for Oracle CEP 10-29 projects\domains\mydomain, and servername refers to the name of your server: prompt cd d:\oracle_cep\user_projects\domains\mydomain\defaultserver\config 2. Using your favorite text editor, edit the security.xml file. 3. Locate the sec:auditor element. Example 10–15 shows the default sec:auditor element configuration: Example 10–15 Default sec:auditor Element sec:auditor xsi:type=wls:default-auditorType sec:namemy-auditorsec:name wls:severityCUSTOMwls:severity wls:rotation-minutes720wls:rotation-minutes wls:error-audit-severity-enabledtruewls:error-audit-severity-enabled wls:failure-audit-severity-enabledtruewls:failure-audit-severity-enabled sec:auditor 4. Modify the sec:auditor element as required: ■ wls:rotation-minutes: Specifies how many minutes to wait before creating a new DefaultAuditRecorder.log file. At the specified time, the audit file is closed and a new one is created. A backup file named DefaultAuditRecorder.YYYYMMDDHHMM.log for example, DefaultAuditRecorder.200405130110.log is created in the same directory. ■ wls:severity: Specifies the severity level appropriate for your Oracle CEP server as Table 10–3 lists. The Oracle CEP security auditor audits security events of the specified severity, as well as all events with a higher numeric severity rank. For example, if you set the severity level to ERROR, the Oracle CEP security auditor audits security events of severity level ERROR, SUCCESS, and FAILURE. You can also set the wls:severity level to CUSTOM, and then enable set to true or disable set to false the specific severity levels you want to audit using one or more of the following child elements as Example 10–15 shows: – wls:information-audit-severity-enabled: If the severity value is set to CUSTOM, setting this child element to true causes the Oracle CEP security auditor to generate audit records for events with a severity level of INFORMATION. – wls:warning-audit-severity-enabled: If the severity value is set to CUSTOM, setting this child elemnent to true causes the Oracle CEP Table 10–3 Oracle CEP Security Auditor Severity Levels Event Severity Rank INFORMATION 1 WARNING 2 ERROR 3 SUCCESS 4 FAILURE 5 10-30 Oracle Complex Event Processing Administrators Guide security auditor to generate audit records for events with a severity level of WARNING. – wls:error-audit-severity-enabled: If the severity value is set to CUSTOM, setting this child elemnent to true causes the Oracle CEP security auditor to generate audit records for events with a severity level of ERROR. – wls:success-audit-severity-enabled: If the severity value is set to CUSTOM, setting this child elemnent to true causes the Oracle CEP security auditor to generate audit records for events with a severity level of SUCCESS. – wls:failure-audit-severity-enabled: If the severity value is set to CUSTOM, setting this child elemnent to true causes the Oracle CEP security auditor to generate audit records for events with a severity level of FAILURE. 5. Save and close the security.xml file. 6. Restart the Oracle CEP server for the changes to take effect. See Section 1.5.4, Starting and Stopping Oracle CEP Servers .

10.10 Disabling Security

You can disable security entirely on the Oracle CEP server. While this configuration may be appropriate for development environments, Oracle does not recommend disabling security in a production environment. To temporarily disable security, you can run the startwlevs.cmd or startwlevs.sh script with the -disablesecurity argument on the command line. For example: startwlevs.cmd -disablesecurity Note: In some sample domains, the startwlevs.cmd and startwlevs.sh scripts already include a -disablesecurity argument. Executing such a script with -disablesecurity on the command line will fail with an Illegal argument error.