Default Security Policies for MBeans

Overview | MBeanServer Services | Domain Configuration MBeans | Runtime MBeans | System Module MBeans

Overview

To connect to a WebLogic Server MBean server, a JMX client must supply credentials for a user who has been defined in the WebLogic Server domain's security realm. To further secure the MBeans that have been registered in an MBean server, WebLogic Server uses security roles and policies.

By default, a WebLogic Server security realm contains four global security roles: Admin, Deployer, Operator, and Monitor, and the default security policies for WebLogic Server MBeans grant the following permissions:

All users have read access to all attributes that are not encrypted.
All users can invoke lookup operations, such as lookupCluster(String name)in DomainMBean.
All users can invoke the userExists method on security provider MBeans.
Only the Admin role has read access to encrypted attributes.
Only the Admin role has write access to writable attributes and can invoke operations other than lookup operations.


Security providers can override these default settings. To modify these defaults from the Administration Console,
see Create JMX policies.
MBeanServer Services
The following table lists the MBeanServer service MBeans that override the default security settings. MBeanServer service MBeans are your entry point into navigating the MBean hierarchies. Some of these MBeans contain attributes and operations for managing changes to WebLogic Server configuration MBeans.
    
    ActivationTaskMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    ConfigurationManagerMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    DomainRuntimeServiceMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

All roles


    
    EditServiceMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    RecordingManagerMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    RuntimeServiceMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

All roles


Domain Configuration MBeans
The following table lists the domain configuration MBeans that override the default security settings. Domain configuration MBeans configure clusters, server instances, containers within the server (such as the EJB and servlet containers), and other services that servers provide to applications.
    
    AppDeploymentMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    ApplicationMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    ConnectorComponentMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    DomainMBean    
     
The following operations override all other security settings for this MBean:



lookupSystemResource 
Only the following roles can invoke this operation:


Admin

Deployer




lookupTarget 
Only the following roles can invoke this operation:


Admin

Deployer




    
    EJBComponentMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JDBCConnectionPoolMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer



Exceptions:


The following attributes override all other security settings for this MBean:



Password 

Read access is granted only to the following roles:


Admin

Deployer




XAPassword 

Read access is granted only to the following roles:


Admin

Deployer




    
    JDBCDataSourceFactoryMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JDBCDataSourceMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JDBCMultiPoolMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JDBCSystemResourceMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JDBCTxDataSourceMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSBridgeDestinationMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSConnectionConsumerMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSConnectionFactoryMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSDestinationKeyMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSDestinationMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSDistributedDestinationMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSDistributedDestinationMemberMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSDistributedQueueMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSDistributedQueueMemberMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSDistributedTopicMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSDistributedTopicMemberMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSFileStoreMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSInteropModuleMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSJDBCStoreMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSQueueMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSServerMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSSessionPoolMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSStoreMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSSystemResourceMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSTemplateMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSTopicMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JoltConnectionPoolMBean    
     
The following attributes override all other security settings for this MBean:



ApplicationPassword 

Read access is granted only to the following roles:


Admin

Deployer




UserPassword 

Read access is granted only to the following roles:


Admin

Deployer




    
    LibraryMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    ServerMBean    
     
The following operations override all other security settings for this MBean:



lookupServerLifeCycleRuntime 
Only the following roles can invoke this operation:


Admin

Deployer

Operator

Monitor




    
    ShutdownClassMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    StartupClassMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    SubDeploymentMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    TargetInfoMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WebAppComponentMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WebServerMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WebServiceComponentMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WLDFSystemResourceMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WTCExportMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WTCImportMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WTCLocalTuxDomMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WTCPasswordMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WTCRemoteTuxDomMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WTCResourcesMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WTCServerMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WTCtBridgeGlobalMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WTCtBridgeRedirectMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


Runtime MBeans
The following table lists the runtime MBeans that override the default security settings. Runtime MBeans provide information about the runtime state of WebLogic Server resources.
    
    AccessRuntimeMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer

Monitor

Operator


    
    ApplicationRuntimeMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Operator



Exceptions:


The following operations override all other security settings for this MBean:



lookupComponents 
Only the following roles can invoke this operation:


Admin

Deployer




    
    AppRuntimeStateRuntimeMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer

Operator

Monitor


    
    ConnectorServiceRuntimeMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Operator


    
    DataAccessRuntimeMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer

Monitor

Operator


    
    DeployerRuntimeMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    DeploymentTaskRuntimeMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    DomainRuntimeMBean    
     
The following operations override all other security settings for this MBean:



restartSystemResource 
Only the following roles can invoke this operation:


Admin

Operator




    
    DomainRuntimeServiceMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

All roles


    
    EJBComponentRuntimeMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Operator


    
    EJBPoolRuntimeMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Operator


    
    EJBTransactionRuntimeMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Operator


    
    JMSRemoteEndpointRuntimeMBean    
     
The following operations override all other security settings for this MBean:



sort 
Only the following roles can invoke this operation:


Admin

Operator

Monitor




pauseForwarding 
Only the following roles can invoke this operation:


Admin

Operator




resumeIncoming 
Only the following roles can invoke this operation:


Admin

Operator




resumeForwarding 
Only the following roles can invoke this operation:


Admin

Operator




pauseIncoming 
Only the following roles can invoke this operation:


Admin

Operator




getMessages 
Only the following roles can invoke this operation:


Admin

Operator

Monitor




    
    RequestClassRuntimeMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Operator


    
    RuntimeServiceMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

All roles


    
    SAFAgentRuntimeMBean    
     
The following operations override all other security settings for this MBean:



pauseForwarding 
Only the following roles can invoke this operation:


Admin

Operator




resumeReceiving 
Only the following roles can invoke this operation:


Admin

Operator




pauseReceiving 
Only the following roles can invoke this operation:


Admin

Operator




resumeIncoming 
Only the following roles can invoke this operation:


Admin

Operator




resumeForwarding 
Only the following roles can invoke this operation:


Admin

Operator




pauseIncoming 
Only the following roles can invoke this operation:


Admin

Operator




    
    SAFMessageCursorRuntimeMBean    
     
The following operations override all other security settings for this MBean:



sort 
Only the following roles can invoke this operation:


Admin

Operator

Monitor




    
    SAFRemoteEndpointRuntimeMBean    
     
The following operations override all other security settings for this MBean:



sort 
Only the following roles can invoke this operation:


Admin

Operator

Monitor




pauseForwarding 
Only the following roles can invoke this operation:


Admin

Operator




resumeIncoming 
Only the following roles can invoke this operation:


Admin

Operator




resumeForwarding 
Only the following roles can invoke this operation:


Admin

Operator




pauseIncoming 
Only the following roles can invoke this operation:


Admin

Operator




getMessages 
Only the following roles can invoke this operation:


Admin

Operator

Monitor




    
    ServerLifeCycleRuntimeMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Operator


    
    ServerLifeCycleTaskRuntimeMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Operator


    
    ServerRuntimeMBean    
     
The following operations override all other security settings for this MBean:



forceShutdown 
Only the following roles can invoke this operation:


Admin

Operator




lookupApplicationRuntime 
Only the following roles can invoke this operation:


Admin

Deployer




shutdown 
Only the following roles can invoke this operation:


Admin

Operator




getURL 
Only the following roles can invoke this operation:


All roles




shutdown 
Only the following roles can invoke this operation:


Admin

Operator




resume 
Only the following roles can invoke this operation:


Admin

Operator




isServiceAvailable 
Only the following roles can invoke this operation:


All roles




start 
Only the following roles can invoke this operation:


Admin

Operator




    
    ServletRuntimeMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Operator


    
    StatelessEJBRuntimeMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Operator


    
    WebAppComponentRuntimeMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Operator


    
    WebServerRuntimeMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Operator


    
    WLDFAccessRuntimeMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer

Monitor

Operator


    
    WLDFDataAccessRuntimeMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer

Monitor

Operator


    
    WorkManagerRuntimeMBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Operator


    
    WSRMRemoteEndpointRuntimeMBean    
     
The following operations override all other security settings for this MBean:



sort 
Only the following roles can invoke this operation:


Admin

Operator

Monitor




pauseForwarding 
Only the following roles can invoke this operation:


Admin

Operator




resumeIncoming 
Only the following roles can invoke this operation:


Admin

Operator




resumeForwarding 
Only the following roles can invoke this operation:


Admin

Operator




pauseIncoming 
Only the following roles can invoke this operation:


Admin

Operator




getMessages 
Only the following roles can invoke this operation:


Admin

Operator

Monitor




System Module MBeans
The following table lists the system module MBeans that override the default security settings. System module MBeans configure modules that have been deployed independently of other enterprise applications and are therefore available as resources to all applications on a server.
    
    ClientParamsBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    ClientSAFBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    DefaultDeliveryParamsBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    DeliveryFailureParamsBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    DeliveryParamsOverridesBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    DestinationKeyBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    DistributedDestinationMemberBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    DistributedQueueBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    DistributedTopicBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    FlowControlParamsBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    ForeignConnectionFactoryBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    ForeignServerBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    GroupParamsBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JDBCConnectionPoolParamsBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JDBCDataSourceBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JDBCDataSourceParamsBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JDBCDriverParamsBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer



Exceptions:


The following attributes override all other security settings for this MBean:



Password 

Read access is granted only to the following roles:


Admin

Deployer




    
    JDBCPropertiesBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JDBCPropertyBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JDBCXAParamsBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    JMSConnectionFactoryBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    LoadBalancingParamsBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    MessageLoggingParamsBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    MulticastParamsBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    PropertyBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    QueueBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    QuotaBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    SAFErrorHandlingBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    SAFImportedDestinationsBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    SAFLoginContextBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    SAFQueueBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    SAFRemoteContextBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    SAFTopicBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    SecurityParamsBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    TemplateBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    ThresholdParamsBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    TopicBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    TransactionParamsBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    UniformDistributedQueueBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    UniformDistributedTopicBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WLDFHarvestedTypeBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WLDFHarvesterBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WLDFImageNotificationBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WLDFInstrumentationBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WLDFInstrumentationMonitorBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WLDFJMSNotificationBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WLDFJMXNotificationBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WLDFNotificationBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WLDFResourceBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WLDFSMTPNotificationBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WLDFSNMPNotificationBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WLDFWatchBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer


    
    WLDFWatchNotificationBean    
    The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean:
                            

Admin

Deployer

ActivationTaskMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
ConfigurationManagerMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
DomainRuntimeServiceMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: All roles
EditServiceMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
RecordingManagerMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
RuntimeServiceMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: All roles

AppDeploymentMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
ApplicationMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
ConnectorComponentMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
DomainMBean	The following operations override all other security settings for this MBean: lookupSystemResource Only the following roles can invoke this operation: Admin Deployer lookupTarget Only the following roles can invoke this operation: Admin Deployer
EJBComponentMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JDBCConnectionPoolMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer Exceptions: The following attributes override all other security settings for this MBean: Password Read access is granted only to the following roles: Admin Deployer XAPassword Read access is granted only to the following roles: Admin Deployer
JDBCDataSourceFactoryMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JDBCDataSourceMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JDBCMultiPoolMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JDBCSystemResourceMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JDBCTxDataSourceMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSBridgeDestinationMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSConnectionConsumerMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSConnectionFactoryMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSDestinationKeyMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSDestinationMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSDistributedDestinationMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSDistributedDestinationMemberMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSDistributedQueueMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSDistributedQueueMemberMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSDistributedTopicMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSDistributedTopicMemberMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSFileStoreMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSInteropModuleMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSJDBCStoreMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSQueueMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSServerMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSSessionPoolMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSStoreMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSSystemResourceMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSTemplateMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSTopicMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JoltConnectionPoolMBean	The following attributes override all other security settings for this MBean: ApplicationPassword Read access is granted only to the following roles: Admin Deployer UserPassword Read access is granted only to the following roles: Admin Deployer
LibraryMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
ServerMBean	The following operations override all other security settings for this MBean: lookupServerLifeCycleRuntime Only the following roles can invoke this operation: Admin Deployer Operator Monitor
ShutdownClassMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
StartupClassMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
SubDeploymentMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
TargetInfoMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WebAppComponentMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WebServerMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WebServiceComponentMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WLDFSystemResourceMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WTCExportMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WTCImportMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WTCLocalTuxDomMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WTCPasswordMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WTCRemoteTuxDomMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WTCResourcesMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WTCServerMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WTCtBridgeGlobalMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WTCtBridgeRedirectMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer

AccessRuntimeMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer Monitor Operator
ApplicationRuntimeMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Operator Exceptions: The following operations override all other security settings for this MBean: lookupComponents Only the following roles can invoke this operation: Admin Deployer
AppRuntimeStateRuntimeMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer Operator Monitor
ConnectorServiceRuntimeMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Operator
DataAccessRuntimeMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer Monitor Operator
DeployerRuntimeMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
DeploymentTaskRuntimeMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
DomainRuntimeMBean	The following operations override all other security settings for this MBean: restartSystemResource Only the following roles can invoke this operation: Admin Operator
DomainRuntimeServiceMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: All roles
EJBComponentRuntimeMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Operator
EJBPoolRuntimeMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Operator
EJBTransactionRuntimeMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Operator
JMSRemoteEndpointRuntimeMBean	The following operations override all other security settings for this MBean: sort Only the following roles can invoke this operation: Admin Operator Monitor pauseForwarding Only the following roles can invoke this operation: Admin Operator resumeIncoming Only the following roles can invoke this operation: Admin Operator resumeForwarding Only the following roles can invoke this operation: Admin Operator pauseIncoming Only the following roles can invoke this operation: Admin Operator getMessages Only the following roles can invoke this operation: Admin Operator Monitor
RequestClassRuntimeMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Operator
RuntimeServiceMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: All roles
SAFAgentRuntimeMBean	The following operations override all other security settings for this MBean: pauseForwarding Only the following roles can invoke this operation: Admin Operator resumeReceiving Only the following roles can invoke this operation: Admin Operator pauseReceiving Only the following roles can invoke this operation: Admin Operator resumeIncoming Only the following roles can invoke this operation: Admin Operator resumeForwarding Only the following roles can invoke this operation: Admin Operator pauseIncoming Only the following roles can invoke this operation: Admin Operator
SAFMessageCursorRuntimeMBean	The following operations override all other security settings for this MBean: sort Only the following roles can invoke this operation: Admin Operator Monitor
SAFRemoteEndpointRuntimeMBean	The following operations override all other security settings for this MBean: sort Only the following roles can invoke this operation: Admin Operator Monitor pauseForwarding Only the following roles can invoke this operation: Admin Operator resumeIncoming Only the following roles can invoke this operation: Admin Operator resumeForwarding Only the following roles can invoke this operation: Admin Operator pauseIncoming Only the following roles can invoke this operation: Admin Operator getMessages Only the following roles can invoke this operation: Admin Operator Monitor
ServerLifeCycleRuntimeMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Operator
ServerLifeCycleTaskRuntimeMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Operator
ServerRuntimeMBean	The following operations override all other security settings for this MBean: forceShutdown Only the following roles can invoke this operation: Admin Operator lookupApplicationRuntime Only the following roles can invoke this operation: Admin Deployer shutdown Only the following roles can invoke this operation: Admin Operator getURL Only the following roles can invoke this operation: All roles shutdown Only the following roles can invoke this operation: Admin Operator resume Only the following roles can invoke this operation: Admin Operator isServiceAvailable Only the following roles can invoke this operation: All roles start Only the following roles can invoke this operation: Admin Operator
ServletRuntimeMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Operator
StatelessEJBRuntimeMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Operator
WebAppComponentRuntimeMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Operator
WebServerRuntimeMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Operator
WLDFAccessRuntimeMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer Monitor Operator
WLDFDataAccessRuntimeMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer Monitor Operator
WorkManagerRuntimeMBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Operator
WSRMRemoteEndpointRuntimeMBean	The following operations override all other security settings for this MBean: sort Only the following roles can invoke this operation: Admin Operator Monitor pauseForwarding Only the following roles can invoke this operation: Admin Operator resumeIncoming Only the following roles can invoke this operation: Admin Operator resumeForwarding Only the following roles can invoke this operation: Admin Operator pauseIncoming Only the following roles can invoke this operation: Admin Operator getMessages Only the following roles can invoke this operation: Admin Operator Monitor

ClientParamsBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
ClientSAFBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
DefaultDeliveryParamsBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
DeliveryFailureParamsBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
DeliveryParamsOverridesBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
DestinationKeyBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
DistributedDestinationMemberBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
DistributedQueueBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
DistributedTopicBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
FlowControlParamsBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
ForeignConnectionFactoryBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
ForeignServerBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
GroupParamsBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JDBCConnectionPoolParamsBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JDBCDataSourceBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JDBCDataSourceParamsBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JDBCDriverParamsBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer Exceptions: The following attributes override all other security settings for this MBean: Password Read access is granted only to the following roles: Admin Deployer
JDBCPropertiesBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JDBCPropertyBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JDBCXAParamsBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
JMSConnectionFactoryBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
LoadBalancingParamsBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
MessageLoggingParamsBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
MulticastParamsBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
PropertyBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
QueueBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
QuotaBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
SAFErrorHandlingBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
SAFImportedDestinationsBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
SAFLoginContextBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
SAFQueueBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
SAFRemoteContextBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
SAFTopicBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
SecurityParamsBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
TemplateBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
ThresholdParamsBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
TopicBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
TransactionParamsBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
UniformDistributedQueueBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
UniformDistributedTopicBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WLDFHarvestedTypeBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WLDFHarvesterBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WLDFImageNotificationBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WLDFInstrumentationBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WLDFInstrumentationMonitorBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WLDFJMSNotificationBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WLDFJMXNotificationBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WLDFNotificationBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WLDFResourceBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WLDFSMTPNotificationBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WLDFSNMPNotificationBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WLDFWatchBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer
WLDFWatchNotificationBean	The following roles have read, write, and invoke permission for all non-encrypted attributes and operations in this MBean: Admin Deployer