SSL Vulnerabilites

SSL Server allows Anonymous Authentication Vulnerability This basically means that the client will be able to connect to the Server without using any authentication algorithm. Some SSL Ciphers allow anonymous authentication. Choosing the right cipher suites as explained in an

Continue reading

JMS Resources using JMX

import java.io.IOException; import java.net.MalformedURLException; import java.util.ArrayList; import java.util.HashMap; import java.util.Hashtable; import java.util.Iterator; import javax.management.MBeanServerConnection; import javax.management.MalformedObjectNameException; import javax.management.ObjectName; import javax.management.remote.JMXConnector; import javax.management.remote.JMXConnectorFactory; import javax.management.remote.JMXServiceURL; import javax.naming.Context; import javax.naming.InitialContext; import weblogic.j2ee.descriptor.wl.JMSBean; import weblogic.j2ee.descriptor.wl.JMSConnectionFactoryBean; import weblogic.j2ee.descriptor.wl.QueueBean; import weblogic.jms.extensions.JMSModuleHelper; import weblogic.management.configuration.JMSSystemResourceMBean; public class

Continue reading

Using Canned Policy with Weblogic Server.

SimpleWS.java package demo; import weblogic.jws.WLHttpTransport; import weblogic.jws.Policies; import weblogic.jws.Policy; import javax.jws.WebService; import javax.jws.WebMethod; import javax.jws.soap.SOAPBinding; @WebService(name=”SimpleWSPortType”, serviceName=”SimpleWSService”, targetNamespace=”http://www.oracle.com”) @SOAPBinding(style=SOAPBinding.Style.DOCUMENT, use=SOAPBinding.Use.LITERAL, parameterStyle=SOAPBinding.ParameterStyle.WRAPPED) @WLHttpTransport(contextPath=”SimpleWSService”, serviceUri=”SimpleWSService”, portName=”SimpleWSServicePort”) @Policy(uri=”policy:Sign.xml”) public class SimpleWS { @WebMethod() public String sayHello(String s) { return “Hello ” + s;

Continue reading

Import and Export users from Embedded LDAP using WLST

Export connect(‘weblogic’,’weblogic’, ‘t3://localhost:8003′) domainRuntime() cd(‘/DomainServices/DomainRuntimeService/DomainConfiguration/DomainA/SecurityConfiguration/DomainA/DefaultRealm/myrealm/AuthenticationProviders/DefaultAuthenticator’) cmo.exportData(‘DefaultAtn’,’c:/export.ldif’, Properties()) Import connect(‘weblogic’,’weblogic’, ‘t3://localhost:8003′) domainRuntime() cd(‘/DomainServices/DomainRuntimeService/DomainConfiguration/DomainB/SecurityConfiguration/DomainB/DefaultRealm/myrealm/AuthenticationProviders/DefaultAuthenticator’) cmo.importData(‘DefaultAtn’,’c:/export.ldif’, Properties())

Continue reading

Create Active Directory Authentication Provider from WLST

connect(‘weblogic’,’weblogic’,’t3://localhost:7001′) edit() startEdit(-1,-1,’false’) cmo.getSecurityConfiguration().getDefaultRealm().createAuthenticationProvider(‘ADAuthenticator’, ‘weblogic.security.providers.authentication.ActiveDirectoryAuthenticator’) cmo.getSecurityConfiguration().getDefaultRealm().lookupAuthenticationProvider(‘ADAuthenticator’).setControlFlag(‘OPTIONAL’) cd(‘/SecurityConfiguration’) cd(‘base_domain’) cd(‘Realms/myrealm/AuthenticationProviders’) cd(‘ADAuthenticator’) cmo.setGroupBaseDN(‘CN=Users,DC=faisal,DC=bea,DC=com’) cmo.setUserBaseDN(‘CN=Users,DC=faisal,DC=bea,DC=com’) cmo.setAllGroupsFilter(‘(objectclass=group)’) cmo.setPrincipal(‘CN=Administrator,CN=Users,DC=faisal,DC=bea,DC=com’) cmo.setCredential(‘Passw0rd’) cmo.setPort(389) cmo.setHost(‘localhost’) save() activate()

Continue reading