Справочник Пользователя для BEA 7
1
Upgrading WebLogic Server 6.x to Version 7.0
1-30
BEA WebLogic Server 7.0 Upgrade Guide
MBean API Change
Previous versions of this document and various other sample documents erroneously
described using
described using
weblogic.management.Admin.getInstance().getAdminMBeanHome()
as a way
to look up the
MBeanHome
interface on the Administration Server.
However, the
weblogic.management.Admin
class is not public. Instead of using this
non-public class, use JNDI to retrieve
MBeanHome
. See
in Programming WebLogic Server JMX Services.
Security
Guest and <Anonymous> Users
In WebLogic Server 6.x, any unauthenticated user (anonymous user) was identified as
a user called
a user called
guest
. WebLogic Server allowed the
guest
user access to WebLogic
resources. However, this functionality presented a potential security risk so the
functionality was modified.
functionality was modified.
In this version of WebLogic Server, the
guest
user is no longer supplied by default.
WebLogic Server now distinguishes between the
guest
user and an anonymous user,
by assigning an anonymous user the name
<anonymous>
.
If you want to use the
guest
user as you did in WebLogic Server 6.x, do one of the
following:
Use Compatibility security. (For more information, see “
” in Managing WebLogic Security.)
Define the
guest
user as a user in the WebLogic Authentication provider. (The
WebLogic Authentication provider is already configured in the default security
realm.) You do this by setting the following argument when starting a WebLogic
Server instance:
realm.) You do this by setting the following argument when starting a WebLogic
Server instance:
-Dweblogic.security.anonymousUserName=guest
Caution: This argument was added to assist existing WebLogic Server customers to
upgrade their security functionality. You should take great caution when
using the
using the
guest
user in a production environment. For more information