javax.net.ssl.SSLKeyException: [Security:090482]BAD_CERTIFICATE alert was received from oracle.test.com – xx.xxx.xx.xx. Check the peer to determine why it rejected the certificate chain
Continue readingCategory: Security
this category contains posts related to Security
Using Canned Policy with Weblogic Server.
SimpleWS.java package demo; import weblogic.jws.WLHttpTransport; import weblogic.jws.Policies; import weblogic.jws.Policy; import javax.jws.WebService; import javax.jws.WebMethod; import javax.jws.soap.SOAPBinding; @WebService(name=”SimpleWSPortType”, serviceName=”SimpleWSService”, targetNamespace=”http://www.oracle.com”) @SOAPBinding(style=SOAPBinding.Style.DOCUMENT, use=SOAPBinding.Use.LITERAL,
Continue readingConfigure JCE Provider with Weblogic Server
Download any JCE Provider. These JCE providers provide additional cryptographic algorithms to secure the communication. Bouncy castle is one such
Continue readingImport and Export users from Embedded LDAP using WLST
Export connect(‘weblogic’,’weblogic’, ‘t3://localhost:8003′) domainRuntime() cd(‘/DomainServices/DomainRuntimeService/DomainConfiguration/DomainA/SecurityConfiguration/DomainA/DefaultRealm/myrealm/AuthenticationProviders/DefaultAuthenticator’) cmo.exportData(‘DefaultAtn’,’c:/export.ldif’, Properties()) Import connect(‘weblogic’,’weblogic’, ‘t3://localhost:8003′) domainRuntime() cd(‘/DomainServices/DomainRuntimeService/DomainConfiguration/DomainB/SecurityConfiguration/DomainB/DefaultRealm/myrealm/AuthenticationProviders/DefaultAuthenticator’) cmo.importData(‘DefaultAtn’,’c:/export.ldif’, Properties())
Continue readingSecuring Webservices using BASIC Authentication on Weblogic Server.
To secure the Webservice to use Basic Authentication, we just need to use the @RolesAllowed annotation. No change needs to
Continue readingCreate Active Directory Authentication Provider from WLST
connect(‘weblogic’,’weblogic’,’t3://localhost:7001′) edit() startEdit(-1,-1,’false’) cmo.getSecurityConfiguration().getDefaultRealm().createAuthenticationProvider(‘ADAuthenticator’, ‘weblogic.security.providers.authentication.ActiveDirectoryAuthenticator’) cmo.getSecurityConfiguration().getDefaultRealm().lookupAuthenticationProvider(‘ADAuthenticator’).setControlFlag(‘OPTIONAL’) cd(‘/SecurityConfiguration’) cd(‘base_domain’) cd(‘Realms/myrealm/AuthenticationProviders’) cd(‘ADAuthenticator’) cmo.setGroupBaseDN(‘CN=Users,DC=faisal,DC=bea,DC=com’) cmo.setUserBaseDN(‘CN=Users,DC=faisal,DC=bea,DC=com’) cmo.setAllGroupsFilter(‘(objectclass=group)’) cmo.setPrincipal(‘CN=Administrator,CN=Users,DC=faisal,DC=bea,DC=com’) cmo.setCredential(‘Passw0rd’) cmo.setPort(389) cmo.setHost(‘localhost’) save() activate()
Continue readingResetting Admin UserName And Password in Weblogic Server 11g
Step 1 – Set the environment C:OracleMiddlewareuser_projectsdomainsFirstDomainbin>setDomainEnv.cmd Step 2 – Create a new Admin Account C:OracleMiddlewareuser_projectsdomainsFirstDomain>java weblogic.security.utils.AdminAccount faisal faisal123 .
Continue readingUse specific SSL protocol version with Weblogic Server.
If we want the Weblogic Server to use only a specific protocol version of SSL,we can do it with the
Continue readingHow to Restrict Key Size Larger that 128 bit on Weblogic Server.
To restrict keysize larger than 128 bit we need to select only those cipher suites in the configuration which use
Continue readingSteps to use userconfig file and userkey file
Steps to use userconfig file and userkey file First create the user config file and the key file with the
Continue reading