Securing WebLogic Server 12c
By Luca Masini and Rinaldi Vincenzo
Table of Contents
Securing WebLogic Server 12c
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Support files, eBooks, discount offers and more
Why Subscribe?
Free Access for Packt account holders
Instant Updates on New Packt Books
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the example code
Errata
Piracy
Questions
1. WebLogic Security Concepts
General concept of security in Java EE
WebLogic security architecture
Identifying – Subjects, Principals, and Credentials
WebLogic resources
Writing custom providers – MBeans
Authentication Providers
Authentication under WebLogic
MBean and JAAS
Multipart Authentication Provider
Perimeter Authentication
Identity Assertion
Credential Mapper
JASPIC and Java EE
JACC
Summary
2. WebLogic Security Realm
Configuration of local LDAP server: user/roles/lockout
Users and groups
Users section
Groups section
Security role condition
Basic
Date and time-based
Context element
User lockout
Unlocking user
Configuring an external LDAP for Authentication/Authorization
Configuring a new provider
Control Flag
Active Directory provider-specific configuration
Connection
Users
Groups
Static groups
General
Performance options
Principal Validator Cache
Troubleshooting problems
User lockout in an Active Directory context
Using Identity Assertion
Summary
3. Java EE Security with WebLogic
Setting up an Enterprise Maven project
Creating the modules with maven-archetype-plugin
Installing the WebLogic Server and the WebLogic Maven plugin
Configuring wls-maven-plugin into the EAR POM
Split deploy and beabuild-maven-plugin
Launching our Hello Maven and WebLogic world application
Securing the web module
Standard DD mapping
Custom Roles Mapping
Programmatic security
Programmatic security with WebLogic XACML provider
A RESTful and secure EJB component
Bean packaged into the WAR module
Changing Security Identity with RunAs
Securing the EJB module
Summary
4. Creating Custom Authentication Providers with Maven
The Maven project
Creating the Maven project
Dependencies
Reconfiguring standard plugins
Adding WebLogic MBeanMaker to the POM
Defining the MBean with an MDF File
Writing the MBean implementation
Initializing the provider
Implementation of the provider
Custom JAAS LoginModule
The login() method
Lifecycle methods – commit(), abort(), and logout()
A simple SSO JSP
Running the provider
Summary
5. Integrating with Kerberos SPNEGO Identity Assertion
Using Identity Assertion SSO Kerberos in a Microsoft domain
Windows client needs to be in the Active Directory domain
Windows client session needs to be logged in the Active Directory domain
Integrated Windows Authentication
DNS URL entry configuration and SPN definition
Technical Active Directory user
Keytab generation and the krb5 config file
JAAS file creation
WLS init startup arguments configuration
SPNEGO Identity asserter configuration
Debugging issues
Summary
Index
Securing WebLogic Server 12c
Copyright © 2012 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: November 2012
Production Reference: 1201112
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham B3 2PB, UK.
ISBN 978-1-84968-778-2
www.packtpub.com
Credits
Authors
Luca Masini
Rinaldi Vincenzo
Reviewers
Andrea Fiorentini
Michel Schildmeijer
Acquisition Editor
Rukhsana Khambatta
Commissioning Editor
Priyanka Shah
Technical Editor
Dominic Pereira
Copy Editors
Aditya Nair
Alfida Paiva
Project Coordinator
Michelle Quadros
Proofreader
Maria Gould
Indexer
Tejal Daruwale
Production Coordinator
Melwyn D'sa
Cover Work
Melwyn D'sa
Cover Image
Sheetal Aute
About the Authors
Luca Masini is a Senior Software Engineer and Architect who started as a Game Developer for Commodore 64 (Football Manager) and Commodore Amiga (Ken il Guerriero); he soon switched to object-oriented programming and, from its inception in 1995, has always been attracted to the Java language.
He worked on this passion as a consultant for some major Italian banks, developing and integrating major software projects for which he has often taken on the technical leadership role. He adapted Java Enterprise in environments where COBOL was the flagship platform, converting them from mainframe-centric to distributed.
He then shifted his focus to open source, starting from Linux, and then enterprise frameworks, with which he was able to introduce concepts like IoC, ORM, and MVC with minimum impact. He was an early adopter of Spring, Hibernate, Struts, and a whole host of other technologies that in the long run have given his customers a technological advantage and lowered development costs.
Lately, however, his attention has been completely directed towards the simplification and standardization of development with Java EE, and for this reason he's now working at the Information and Communications Technology department of a large Italian company to introduce advanced build tools (Maven and Continuous Integration), archetypes of projects, and Agile Development with plain standards.
He has worked on the following books published by Packt Publishing:
Google Web Toolkit
Spring Web Flow 2
Spring Persistence with Hibernate
Dedicated to my skunk (Dedicato alla mia puzzola)
Vincenzo Rinaldi was born in Milan, Italy, and continues to live and work there. He has over 10 years of experience with system administration in critical contexts, where he contributes by designing, managing, and supporting internal IT infrastructures. He studies and researches many technologies, products, operating systems, and custom implementations on a daily basis to meet the needs of the business processes. He works with many suppliers, internal teams, and customer services in a mass retail company and coordinates a team working on the middleware, operating systems, and DB stack.
He is an RHCE Certified Engineer and also has great experience in WebLogic setup and administration, generally in the middleware layer.
You can read more about him on his LinkedIn profile at http://www.linkedin.com/in/vincenzorinaldi.
The first big thanks goes to my pregnant wife Nadia and my son Mattia; they have supported me with their energy. One big thanks to my colleague Luca Masini and all those colleagues who supported me in the writing of this book.
About the Reviewers
Andrea Fiorentini graduated in Multimedia Systems and Telecommunications Engineering from the University of Siena in the year 2003. He attended a course for an internship at the company for which he has worked since June 2004 as a systems engineer and programmer.
The company for which he works is dedicated to providing services to the cooperative credit banks in Italy. He has a sound knowledge of the Oracle database, Application Server (iAS), WebLogic Server, and Business Intelligence software. He has also finished a training course in Oracle named Developing Oracle Web Services Using Java Technology.
For the last two years he has been the head of the development team at the company that