The console and the other WLS management functionality share some capability
for controling access at a coarse grained level based on a number of
predefined security roles that are described in the documentation at:

http://edocs.bea.com/wls/docs81/secwlres/secroles.html

What you are asking for is a common request and one that makes a great deal
of sense. Unfortunately the ability to access just the security
functionality of the console is not separately controllable and a user must
be in the Adminstrator to access these.

The best recommendation that I can make is that you may want to create a
separate web application that provides access to the functionality for which
the security adminstrator needs access. All of this functionality is
available through public documented JMX interfaces. I understand that doing
this for all but the simplest of the functionality may not be possible...

Charles


"Eddie Baue" wrote in message
news:3f4cd001$1@newsgroups.bea.com...
>
> Hi everyone !
>
> I would like to start using the new rules based security with the

embedded
> ldap in weblogic 8.1. However, the area that manages security is in

another department
> and does not need to have full access in the Admin console. Is there a

way to
> restrict access to only the security pieces in the console ?
>
> Thanks,
> Eddie
>