The console and the other WLS management functionality share some capability
for controling access at a coarse grained level based on a number of
predefined security roles that are described in the documentation at:

What you are asking for is a common request and one that makes a great deal
of sense. Unfortunately the ability to access just the security
functionality of the console is not separately controllable and a user must
be in the Adminstrator to access these.

The best recommendation that I can make is that you may want to create a
separate web application that provides access to the functionality for which
the security adminstrator needs access. All of this functionality is
available through public documented JMX interfaces. I understand that doing
this for all but the simplest of the functionality may not be possible...


"Eddie Baue" wrote in message
> Hi everyone !
> I would like to start using the new rules based security with the

> ldap in weblogic 8.1. However, the area that manages security is in

another department
> and does not need to have full access in the Admin console. Is there a

way to
> restrict access to only the security pieces in the console ?
> Thanks,
> Eddie