You deploy more than one application to the same WebLogic container. The security is set on
JavaEE level and all deployed JavaEE applications use the same security roles.
What is your recommendation for an architecture with those requirement
A.
Combine all applications into a single one.
B.
Define global roles on the WebLogic Domain level.
C.
Use Ms Active Directory to keep the roles there.
D.
Use Oracle Identity and Access Management solution to simplify the management.
E.
Keep role mapping in the external WebLogic Role Mapped developed for that solution.
Explanation:
Note:
* Types of Security Roles: Global Roles and Scoped Roles
There are two types of security roles in WebLogic Server:
/ A global security role can be used in any security policy. Oracle provides several default global
roles that you can use out of the box to secure your WebLogic resource
/ A scoped role can be used only in policies that are defined for a specific instance of a WebLogic
resource (such as a method on an EJB or a branch of a JNDI tree). You might never need to use
scoped roles. They are provided for their flexibility and are an extra feature for advanced
customers.
Incorrect:
Not E: Role mapping is the process whereby principals (users or groups) are dynamically mapped
to security roles at runtime. In WebLogic Server, a Role Mapping provider determines what
security roles apply to the principals stored a subject when the subject is attempting to perform an
operation on a WebLogic resource. Because this operation usually involves gaining access to the
WebLogic resource, Role Mapping providers are typically used with Authorization providers.
Anybody know, is this dump valid?