Mbean Api Change; Security; Guest And <Anonymous> Users - BEA WebLogic Server 7 Upgrade Manual

1
Upgrading WebLogic Server 6.x to Version 7.0

MBean API Change

Previous versions of this document and various other sample documents erroneously
described using
weblogic.management.Admin.getInstance().getAdminMBeanHome()
to look up the
However, the
non-public class, use JNDI to retrieve
Domain and Servers

Security

Guest and <Anonymous> Users
In WebLogic Server 6.x, any unauthenticated user (anonymous user) was identified as
a user called
resources. However, this functionality presented a potential security risk so the
functionality was modified.
In this version of WebLogic Server, the
WebLogic Server now distinguishes between the
by assigning an anonymous user the name
If you want to use the
following:
Use Compatibility security. (For more information, see
Security" in Managing WebLogic Security.)
Define the
WebLogic Authentication provider is already configured in the default security
realm.) You do this by setting the following argument when starting a WebLogic
Server instance:
-Dweblogic.security.anonymousUserName=guest
Caution: This argument was added to assist existing WebLogic Server customers to
1-30 BEA WebLogic Server 7.0 Upgrade Guide
interface on the Administration Server.
MBeanHome
weblogic.management.Admin
in Programming WebLogic Server JMX Services.
. WebLogic Server allowed the
guest
user as you did in WebLogic Server 6.x, do one of the
guest
user as a user in the WebLogic Authentication provider. (The
guest
upgrade their security functionality. You should take great caution when
using the user in a production environment. For more information
guest
class is not public. Instead of using this
. See Determining the Active
MBeanHome
user access to WebLogic
guest
user is no longer supplied by default.
guest
user and an anonymous user,
guest
.
<anonymous>
"Using Compatibility
as a way