Securing WebLogic Server 12c
By Luca Masini and Rinaldi Vincenzo
Table of Contents
Securing WebLogic Server 12c
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Support files, eBooks, discount offers and more
Why Subscribe?
Free Access for Packt account holders
Instant Updates on New Packt Books
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the example code
Errata
Piracy
Questions
1. WebLogic Security Concepts
General concept of security in Java EE
WebLogic security architecture
Identifying – Subjects, Principals, and Credentials
WebLogic resources
Writing custom providers – MBeans
Authentication Providers
Authentication under WebLogic
MBean and JAAS
Multipart Authentication Provider
Perimeter Authentication
Identity Assertion
Credential Mapper
JASPIC and Java EE
JACC
Summary
2. WebLogic Security Realm
Configuration of local LDAP server: user/roles/lockout
Users and groups
Users section
Groups section
Security role condition
Basic
Date and time-based
Context element
User lockout
Unlocking user
Configuring an external LDAP for Authentication/Authorization
Configuring a new provider
Control Flag
Active Directory provider-specific configuration
Connection
Users
Groups
Static groups
General
Performance options
Principal Validator Cache
Troubleshooting problems
User lockout in an Active Directory context
Using Identity Assertion
Summary
3. Java EE Security with WebLogic
Setting up an Enterprise Maven project
Creating the modules with maven-archetype-plugin
Installing the WebLogic Server and the WebLogic Maven plugin
Configuring wls-maven-plugin into the EAR POM
Split deploy and beabuild-maven-plugin
Launching our Hello Maven and WebLogic world application
Securing the web module
Standard DD mapping
Custom Roles Mapping
Programmatic security
Programmatic security with WebLogic XACML provider
A RESTful and secure EJB component
Bean packaged into the WAR module
Changing Security Identity with RunAs
Securing the EJB module
Summary
4. Creating Custom Authentication Providers with Maven
The Maven project
Creating the Maven project
Dependencies
Reconfiguring standard plugins
Adding WebLogic MBeanMaker to the POM
Defining the MBean with an MDF File
Writing the MBean implementation
Initializing the provider
Implementation of the provider
Custom JAAS LoginModule
The login() method
Lifecycle methods – commit(), abort(), and logout()
A simple SSO JSP
Running the provider
Summary
5. Integrating with Kerberos SPNEGO Identity Assertion
Using Identity Assertion SSO Kerberos in a Microsoft domain
Windows client needs to be in the Active Directory domain
Windows client session needs to be logged in the Active Directory domain
Integrated Windows Authentication
DNS URL entry configuration and SPN definition
Technical Active Directory user
Keytab generation and the krb5 config file
JAAS file creation
WLS init startup arguments configuration
SPNEGO Identity asserter configuration
Debugging issues
Summary
Index
Securing WebLogic Server 12c
Copyright © 2012 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: November 2012
Production Reference: 1201112
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham B3 2PB, UK.
ISBN 978-1-84968-778-2
www.packtpub.com
Credits
Authors
Luca Masini
Rinaldi Vincenzo
Reviewers
Andrea Fiorentini
Michel Schildmeijer
Acquisition Editor
Rukhsana Khambatta
Commissioning Editor
Priyanka Shah
Technical Editor
Dominic Pereira
Copy Editors
Aditya Nair
Alfida Paiva
Project Coordinator
Michelle Quadros
Proofreader
Maria Gould
Indexer
Tejal Daruwale
Production Coordinator
Melwyn D'sa
Cover Work
Melwyn D'sa
Cover Image
Sheetal Aute
About the Authors
Luca Masini is a Senior Software Engineer and Architect who started as a Game Developer for Commodore 64 (Football Manager) and Commodore Amiga (Ken il Guerriero); he soon switched to object-oriented programming and, from its inception in 1995, he was always attracted to the Java language.
He worked on this passion as a consultant for some major Italian banks, developing and integrating major software projects for which he has often taken on the technical leadership role. He adapted Java Enterprise in environments where COBOL was the flagship platform, converting them from mainframe-centric to distributed.
He then shifted his focus to open source, starting from Linux, and then enterprise frameworks, with which he was able to introduce concepts like IoC, ORM, and MVC with minimum impact. He was an early adopter of Spring, Hibernate, Struts, and a whole host of other technologies that in the long run have given his customers a technological advantage and have also lowered their development costs.
Lately, however, his attention has been completely directed towards the simplification and standardization of development with Java EE, and for this reason he's now working at the Information and Communications Technology department of a large Italian company to introduce advanced build tools (Maven and Continuous Integration), archetypes of projects, and Agile Development with plain standards.
He has worked on the following books published by Packt Publishing:
Google Web Toolkit
Spring Web Flow 2
Spring Persistence with Hibernate
Dedicated to my skunk (Dedicato alla mia puzzola)
Vincenzo Rinaldi was born in Milan, Italy, and continues to live and work there. He has over 10 years of experience with system administration in critical contexts, where he contributes by designing, managing, and supporting internal IT infrastructures. He studies and researches many technologies, products, Operating Systems, and custom implementations on a daily basis to meet the needs of the business processes. He works with many suppliers, internal teams, and customer services in a mass retail company and coordinates a team working on the middleware, Operating Systems, and DB stack.
He is an RHCE Certified Engineer and also has great experience in WebLogic setup and administration, generally in the middleware layer.
You can read more about him on his LinkedIn profile at http://www.linkedin.com/in/vincenzorinaldi.
The first big thanks goes to my pregnant wife Nadia and my son Mattia; they have supported me with their energy. One big thanks to my colleague Luca Masini and all those colleagues who supported me in the writing of this book.
About the Reviewers
Andrea Fiorentini graduated in Multimedia Systems and Telecommunications Engineering from the University of Siena in the year 2003. He attended a course for an internship at the company where he has worked since June 2004 as a systems engineer and programmer.
The company for which he works is dedicated to providing services to the cooperative credit banks in Italy. He has a sound knowledge of the Oracle database, Application Server (iAS), WebLogic Server, and Business Intelligence software. He has also finished an Oracle training course named Developing Oracle Web Services Using Java Technology.
For the last two years he has been the head of the development team at the company that