Cannot create PoolableConnectionFactory (IO Error: Connection reset)

Issue while connecting to the database from a Java program: Cannot create PoolableConnectionFactory (IO Error: Connection reset). This is sometimes an intermittent issue, but it can be easily reproduced by reducing the randomness on the server:

watch -n 1 cat /proc/sys/kernel/random/entropy_avail
cat /dev/random > random_bits.bin

Once the issue is consistently reproduced, we

Continue reading »

How to prevent CSRF attack

Sometimes, when one application tries to call another application running on another server, you get an error window with the message "potential CSRF attack". At the same time, you will see the following error message in the log files:

<BEA-000000> <A request has been denied as a potential CSRF attack.>

Continue reading »

Recommended Best Practices for Securing WebLogic Server.

Disable SSL V2, Weak Ciphers, and Null Encryptions

You can use the following JVM options to disable weak ciphers:

-Dweblogic.security.SSL.allowUnencryptedNullCipher=false
-Dweblogic.security.disableNullCipher=true

Steps to disable SSL V2 follow later.

Use Secure Cookies to Prevent Session Stealing

Please refer to this article: link

Configure WebLogic Server to use a Specific Cipher

Continue reading »

Simple Sample Custom Identity Asserter for WebLogic Server 12c

To implement a custom identity asserter for WebLogic Server, we need to write a provider that implements AuthenticationProviderV2 and IdentityAsserterV2. We also need to write an MBean definition file and a callback handler.

SimpleSampleIdentityAsserterProviderImpl

package examples.security.providers.identityassertion.simple;

import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.AppConfigurationEntry;
import weblogic.management.security.ProviderMBean;
import weblogic.security.service.ContextHandler;
import weblogic.security.spi.AuthenticationProviderV2;
import weblogic.security.spi.IdentityAsserterV2;
import weblogic.security.spi.IdentityAssertionException;

Continue reading »

WebLogic SSL configuration with Custom Identity and Custom Trust

Enterprise applications have grown more complex and hold a great deal of sensitive and critical data online, so cyber security has become more important than ever for securing that data. Secure Sockets Layer (SSL) plays a pivotal role in how sensitive data can be protected, accessed over

Continue reading »

Securing WebServices using Username / Password mechanism

Security is an important aspect of your application design. When web services are deployed and accessed, you may want to restrict access to a particular set of users/groups or to any users of a particular role. Hence we specify the policies for the application (the web service in this case) at

Continue reading »

Import/Export users and groups from Security Realm

Exporting users and groups from a WebLogic Security Realm:

Log in to the WebLogic Administration Console and navigate to Security Realm -> MyRealm.
Navigate to the Migration tab -> Export.
Specify the location where the data needs to be exported.
Verify whether the users and groups are exported by checking the location; you would find a set of

Continue reading »

com.rsa.jsafe.JSAFE_PaddingException: Could not perform unpadding: invalid pad byte

com.rsa.jsafe.JSAFE_PaddingException: Could not perform unpadding: invalid pad byte

The above exception is encountered during server startup. This happens when the SerializedSystemIni.dat file present under the domain\your_domain\security folder is modified. To troubleshoot this issue, we need to do the following. Check if the domain is in Production Mode or Development Mode. If it's in

Continue reading »