Lock the WebLogic Server Active Security Realm

Lock the Security Realm to ensure no one else can make changes while you are configuring WebLogic.

In a browser, go to the WebLogic Administrator console. The URL uses one of the following formats:
http://local_host_name:port_number/console

https://local_host_name:port_number/console

where local_host_name and port_number are the name and port number of the WebLogic Administrator console defined during STA installation. The default HTTP port number is 7019, and the default HTTPS port number is 7020.

For example:
```
https://sta_server:7020/console
```
Enter the WebLogic Administration console username and password defined during STA installation, and then click Login.
In the Domain Structure navigation tree, select Security Realms.
In the Realms table, select the myrealm active link.
In the Change Center, click Lock & Edit. This locks out other users from making changes at the same time.
Proceed to Add an External Authentication Provider.

Understand the WebLogic Server Active Security Realm

The WebLogic Server manages all user authentication for STA. All authentication providers for STA must be defined in themyrealm security realm.

WebLogic Server includes an embedded LDAP server, and this is the default authentication provider for STA. During STA installation, the embedded LDAP server is configured in the active security realm with the name DefaultAuthenticator. The DefaultAuthenticator data store includes credentials for the two default user accounts defined during STA installation—the WebLogic Administrator and the default STA Administrator. It also includes credentials for all STA usernames created through the STA user interface.

Do not change the names of the myrealm security realm and the DefaultAuthenticator; these names are required for STA.

The active security realm also includes a provider named DefaultIdentityAsserter. Do not make any changes to this provider.