15.8 Managing Users and Security Policies

15.8.1 Adding Users to WebLogic Embedded ID Store for In-Process Servers

To add users to the ID store for an in-process server, complete the following steps:

1. Navigate to the WebLogic Server Administration Console.

2. From the Domain Structure window on the left pane of the console, select Security Realms > myrealm.

   The Settings for myrealm page is displayed.

3. Click the Users and Groups tab.

4. Click New to add users.

   The User Properties page is displayed.

5. Enter the parameters, and select the DefaultAuthenticator from the Provider drop-down list.

6. Click OK.

15.8.2 Adding Policies to Policy Store for In-Process Servers

To add policies to the policy store for an in-process server, complete the following steps:

1. Log in to Enterprise Manager

2. Navigate to the Reports Application home page.

3. From the Reports menu, select Administration > Manage Reports Security Policies.

   The Security Policy Configuration page is displayed.

4. Click Create to add or edit Reports policies, Web command policies or both.

   The Security Configuration for Reports page is displayed.

5. Enter appropriate values in the Security Configuration for Reports page.

6. Click OK

For more information about security policies, see Section 7.8.2, "Defining Security Policies for Reports".

15.8.3 Mapping Users to Application Roles

After configuring the users, you must map users present in the ID store to one or more application roles. You can configure an application role for an in-process server either through Oracle Enterprise Manager or manually.

In Enterprise Manager, you can complete this task as follows:

1. Navigate to the WebLogic Domain menu.

2. Choose Security > Application Roles.

   The Application Roles page is displayed. In this page, you can map users to application roles.

If the system-jazn-data.xml file is used as the policy store, you can add the following under the reports entry in the system-jazn-data.xml file to configure users to application roles manually:

<app-role>
   <name>rw_administrator</name> 
   <display-name>Reports Administrator</display-name> 
   <class>oracle.security.jps.service.policystore.ApplicationRole</class> 
   <members> 
      <member> 
      <class>weblogic.security.principal.WLSUserImpl</class> 
      <name>weblogic</name> 
     </member>
   </members>
</app-role>

For a sample system-jazn-data.xml file, see Sample system-jazn-data.xml File

15.8.4 Adding Users to system-jazn-data.xml for Standalone Servers

If the system-jazn-data.xml file is used as the ID store, you can users to ID store for a standalone server by completing the following steps:

1. Add users to the system-jazn-data.xml file by replacing <jazn-realm/> with the following:

   <jazn-realm>
      <realm>
        <name>jazn.com</name>
          <users>
            <user>
              <name><weblogic</name>
                <credentials>!passwd</credentials>
             </user>
            </users>
        </realm>
      </jazn-realm>
   

   For a sample system-jazn-data.xml file, see Sample system-jazn-data.xml File

15.8.5 Adding Policies to Policy Store for Standalone Servers

You can add policies to a policy store for a standalone server through Oracle Enterprise Manager.

1. Log in to Oracle Enterprise Manager.

2. Navigate to your Reports Application home page.

3. From the Reports menu, select Administration > Manage Security Policies.

4. Click Create to add reports and web command policies.

5. Assign roles to the application policies.

6. Click OK.

For more information about security policies, see Section 7.8.2, "Defining Security Policies for Reports".