Technical data

14 Managing Security

14-60 Administration Guide

1. Configure WebLogic Server to use the SSL protocol. For more information, see

Defining Attributes for the SSL Protocol

2. Configure the client Object Request Broker (ORB) to use the SSL protocol. Refer

to the product documentation for your client ORB for information about

configuring the SSL protocol.

3. Use the

host2ior utility to print the WebLogic Server IOR to the console. The

host2ior utility prints two versions of the interoperable object reference (IOR),

one for SSL connections and one for non-SSL connections. The header of the

IOR specifies whether or not the IOR can be used for SSL connections.

4. Use the SSL IOR when obtaining the initial reference to the CosNaming service

that accesses the WebLogic Server JNDI tree.

For more information about using RMI over IIOP, see Programming WebLogic RMI

Over IIOP.

Protecting Passwords

It is important to protect the passwords that are used to access resources in WebLogic

Server. In the past, usernames and passwords were stored in clear text in a WebLogic

Server security realm. Now WebLogic Server hashes all passwords. When WebLogic

Server receives a client request, the password presented by the client is hashed and

WebLogic Server compares it to the already hashed password for matching.

Each

filerealm.properties file has an associated SerializedSystemIni.dat

file that is used to hash the passwords. During installation, the

SerializedSystemIni.dat file is put in the \wlserver6.1\config\ directory.

If for any reason the

SerializedSystemIni.dat file is corrupted or destroyed, you

must reconfigure WebLogic Server.

Take the following precautions:

n Make a backup copy of the SerializedSystemIni.dat file and put it in the

same location as a copy of its associated

filerealm.properties file.