Wednesday, August 15, 2012

How can we Passwords Are Protected in WebLogic Server?

It is important to protect passwords that are used to access resources in a WebLogic domain. In the past, usernames and passwords were stored in clear text in a WebLogic security realm. Now all the passwords in a WebLogic domain are hashed. The SerializedSystemIni.dat file contains the hashes for the passwords. It is associated with a specific WebLogic domain so it cannot be moved from domain to domain.
If the SerializedSystemIni.dat file is destroyed or corrupted, you must reconfigure the WebLogic domain. Therefore, you should take the following precautions:
Make a backup copy of the
  • SerializedSystemIni.dat file and put it in a safe location.
  • Set permissions on the SerializedSystemIni.dat file such that the system administrator of a WebLogic Server deployment has write and read privileges and no other users have any privileges.

No comments:

Post a Comment