Service Layer Security Model Configuration with WebLogic 15.1.1
The service layer security will be a BASIC authentication and authorization using container based security model. WebLogic Server provides a standard security model for securing web-application deployed in WebLogic. WebLogic comes with variety of security models for application resources. Some of the common options available are:
-
DD Only: Use only roles and policies that are defined in the deployment descriptors.
-
Custom Roles: Use roles that are defined in the Administration Console; use policies that are defined in the deployment descriptor.
-
Custom Roles and Policies: Use only roles and policies that are defined in the Administration Console.
-
Advanced: Use a custom model that you have configured on the realm's configuration page.
Note: Currently, Service Layer is implemented by default security model with Deployment Descriptor configuration out of the box, and the user can override the security model (Roles, Policies) using Advanced (custom) security model.
