The Security service's main component is the User Manager component. This
component provides applications an API to manage their store of users and
groups. API's for roles and permissions are not provided because they
already exist in the JAAS and J2EE standards. There is currently only a
JDBC implementation of the User Manager component; other implementations of
the manager may include a JNDI (LDAP) or file (XML) store.
Because application servers provide their own APIs to plug into security
services, there are currently adapters allowing Weblogic 6.1 and 7.0 to
connect authentication in the security service.