This Is A Custom Widget

This Sliding Bar can be switched on or off in theme options, and can take any widget you throw at it or even fill it with your custom HTML Code. Its perfect for grabbing the attention of your viewers. Choose between 1, 2, 3 or 4 columns, set the background color, widget divider color, activate transparency, a top border or fully disable it on desktop and mobile.

This Is A Custom Widget

This Sliding Bar can be switched on or off in theme options, and can take any widget you throw at it or even fill it with your custom HTML Code. Its perfect for grabbing the attention of your viewers. Choose between 1, 2, 3 or 4 columns, set the background color, widget divider color, activate transparency, a top border or fully disable it on desktop and mobile.

Security

What is the Control Flag in Authentication Provider ?

By | March 6th, 2013|Security, WebLogic Server|

You can configure multiple Authentication providers. You should use the JAAS Control Flag attribute on the Authenticator-->General tab to control how the Authentication providers are used in the login sequence. The Control Flag can have one of these values: REQUIRED: The Authentication provider is always called, and the user must always pass its authentication test. [...]

Troubleshooting LDAP role mapping failure

By | March 5th, 2013|Security, WebLogic Server|

After the user is authenticated, and the groups are found, WLS compares the list of user + groups to the principals that have privilege to access the resource and then either grants or denies the access. A call to the role mapper is performed to get the roles the user/groups have, and then a call [...]

Troubleshooting LDAP group membership problems

By | March 5th, 2013|Security, WebLogic Server|

After the user is authenticated, a search on the groups occurs to get the list of groups this user belongs to, and this used to be able to do the role mapping between groups and roles. This search is done using the "Static Group DNs from Member DN Filter" defined in the authentication provider. Example [...]

Troubleshooting LDAP User Authentication Failures

By | March 5th, 2013|Security, WebLogic Server|

WLS connects first to LDAP and then tries to search for the user based on the User base DN and the user filter defined in the authentication provider/custom realm. Once the user is found, it tries to authenticate using the password provided. To get more information on where exactly the user authentication is failing, enable [...]

Unable To Start Admin Server with Error BEA-000386

By | November 7th, 2011|Security, WebLogic Server|

Symptoms After an outage or unexpected physical machine shutdown weblogic does not start. If you see this error when admin server is starting, or the following exception is thrown: <Critical><BEA-000386> <Server subsystem failed. Reason: java.lang.AssertionError: java.lang.reflect.InvocationTargetException java.lang.AssertionError: java.lang.reflect.InvocationTargetException at weblogic.descriptor.DescriptorManager$SecurityServiceImpl$SecurityProxy._invokeServiceMethod(DescriptorManager.java:175) ... Changes No changes, in particuluar. Possibly a physical machine shutdown or outage. Reason: The [...]

How Passwords Are Protected in WebLogic Server

By | October 12th, 2011|Security, WebLogic Server|

It is important to protect passwords that are used to access resources in a WebLogic domain. In the past, usernames and passwords were stored in clear text in a WebLogic security realm. Now all the passwords in a WebLogic domain are hashed. The SerializedSystemIni.dat file contains the hashes for the passwords. It is associated with a specific [...]

How To Recover SerializedSystemIni.Dat When It Gets Corrupted?

By | October 11th, 2011|Security, WebLogic Server|

Please do the following steps in order to recover SerializedSystemIni.dat file: Go to DOMAIN_HOME/config Open the config.xml file and remove any encrypted sections from the <credential-encrypted> attributes. Replace its content with "" Save the file. Go to DOMAIN_HOME/servers/AdminServer/security Remove the boot.properties file if exists. Go to DOMAIN_HOME/security Remove SerializedSystemInit.dat Go to DOMAIN_HOME/ Rename the fileRealm.properties [...]

SSL tips in WebLogic

By | June 10th, 2011|Security, WebLogic Server|

When using SSL with WebLogic Server, use keystores; storing identity (private keys and certs) and trust (CA) in files is deprecated. Migrating from an earlier version might require you to create keystores from private keys, certs, or trust files. If the network that connects WebLogic Server in a domain is not trusted, enable SSL on [...]