Free Preparation Discussions
MENU
Oracle Exam 1Z0-599 Topic 8 Question 67 Discussion
Topic #: 8
You deploy more than one application to the same WebLogic container. The security is set on JavaEE level and all deployed JavaEE applications use the same security roles.
What is your recommendation for an architecture with those requirement
Note:
* Types of Security Roles: Global Roles and Scoped Roles
There are two types of security roles in WebLogic Server:
/ A global security role can be used in any security policy. Oracle provides several default global roles that you can use out of the box to secure your WebLogic resource
/ A scoped role can be used only in policies that are defined for a specific instance of a WebLogic resource (such as a method on an EJB or a branch of a JNDI tree). You might never need to use scoped roles. They are provided for their flexibility and are an extra feature for advanced customers.
Incorrect:
Not E: Role mapping is the process whereby principals (users or groups) are dynamically mapped to security roles at runtime. In WebLogic Server, a Role Mapping provider determines what security roles apply to the principals stored a subject when the subject is attempting to perform an operation on a WebLogic resource. Because this operation usually involves gaining access to the WebLogic resource, Role Mapping providers are typically used with Authorization providers.
Currently there are no comments in this discussion, be the first to comment!