How and Why we need to SECURE our Web Server

Introduction: Over the year’s internet and the internet based applications had revolutioned our life. They had created many new global business opportunities for enterprises conducting online business. However, the security risks associated with conducting e-business have resulted in security becoming a major factor for online success or failure. Any high-profile

Continue reading »

All Server States using WLST

This is an extension to my earlier post which gives the runtime attributes about the alive servers. http://weblogic-wonders.com/weblogic/2011/03/16/weblogic-server-runtime-using-wlst/ However there could be scenarios where you might want to keep a track of all the server states like RUNNING, SHUTDOWN  etc  in the domain. The below WLST script provides a list

Continue reading »

Certificate Management in WebSphere Application Server

Before, trying to understand about the certificate management, installation of certificates inside the WebSphere application server we should first understand why we need ssl communication and what is the impact of not installing the certificates. During the olden days whenever we want to make any banking transaction (e.g.: depositing the

Continue reading »

Installation of WAS Fix pack

Steps to install the Fixpack:- Following is the step-by-step approach for installing the fixpacks for WebSphere Application Server environment:- (1) Take the back-up of the existing configuration. You run the below command to take the backup of the existing configuration from the individual profiles- (a) ./backupConfig.sh name_config.zip (unix) (b) backupConfig.bat

Continue reading »

BASIC Authentication in Websphere Application Server

1 ) Secure the application resources using the descriptor (web.xml) <!DOCTYPE web-app PUBLIC “-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN” “http://java.sun.com/dtd/web-app_2_3.dtd”> <web-app id=”WebApp”> <welcome-file-list> <welcome-file>index.jsp</welcome-file> </welcome-file-list> <security-constraint> <display-name>Constraint-0</display-name> <web-resource-collection> <web-resource-name>Constraint-0</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>pegaadmin</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> </login-config> <security-role> <role-name>pegaadmin</role-name> </security-role> </web-app>   2) Deploy the application

Continue reading »