
Protecting Passwords
Administration Guide 14-61
- Set the permissions on the SerializedSystemIni.dat file such that the
  administrator of the WebLogic Server deployment has read and write
  privileges and no other users have any privileges.
- If you have a weblogic.properties file with passwords that you want to hash,
  use the Convert weblogic.properties option on the main window in the
  Administration Console to convert the weblogic.properties file to a
  config.xml file. Once the file is converted, all existing passwords are
  protected.
The config.xml file no longer has clear text passwords. In place of clear text
passwords, the config.xml file has encrypted, hashed passwords. You cannot copy
encrypted passwords from one domain to another. Instead, you can edit the
config.xml file and replace the existing encrypted and hashed passwords with clear
text passwords and then copy the file to the new domain. The Administration Console
will encrypt and hash the passwords the next time it writes to the file.
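One way to check the SerializedSystemIni.dat permission requirement above on a Unix host, as an added example that is not part of the guide. The file path and the administrator account name are assumptions passed in by the caller, and ACLs are not examined.

```shell
#!/bin/sh
# Added example (not from the guide): audit the owner and permission bits of
# a WebLogic secret file. Only the classic mode bits are checked, not ACLs.

# audit_secret_file FILE ADMIN_USER
# Prints one line per finding. Returns 0 only if FILE is a regular file owned
# by ADMIN_USER with owner read+write and no group/other permission bits.
audit_secret_file() {
    file=$1; admin=$2; rc=0
    # Refuse symlinks and missing files: the mode shown would be misleading.
    if [ -L "$file" ] || [ ! -f "$file" ]; then
        echo "FAIL: $file is missing or not a regular file"
        return 2
    fi
    # POSIX "ls -ld" fields: mode string, link count, owner, group, ...
    listing=$(ls -ld -- "$file")
    # Keep the 10 mode characters; drop any trailing ACL marker (+, @, .).
    mode=$(printf '%s\n' "$listing" | awk '{print substr($1, 1, 10)}')
    owner=$(printf '%s\n' "$listing" | awk '{print $3}')

    if [ "$owner" != "$admin" ]; then
        echo "FAIL: $file is owned by $owner, expected $admin"; rc=1
    fi
    case $mode in
        -rw*) ;;   # owner can read and write
        *) echo "FAIL: owner lacks read+write on $file ($mode)"; rc=1 ;;
    esac
    case $mode in
        ????------) ;;   # all six group/other bits are clear
        *) echo "FAIL: group/other can access $file ($mode)"; rc=1 ;;
    esac
    if [ "$rc" -eq 0 ]; then
        echo "OK: $file ($mode, owner $owner)"
    fi
    return "$rc"
}

# Usage (both arguments are placeholders for your own deployment):
#   sh audit.sh /path/to/SerializedSystemIni.dat ADMIN_USER
if [ "$#" -eq 2 ]; then
    audit_secret_file "$1" "$2"
fi
```

If the audit reports group or other access, `chmod 600` on the file as the administrator account restores the state the bullet describes.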
Password guessing is a common type of security attack. In this type of attack, a hacker
attempts to log in to a computer using various combinations of usernames and
passwords. WebLogic Server has strengthened its protection against password
guessing by providing a set of attributes designed to protect passwords.
To protect the passwords in your WebLogic Server deployment, you must perform the
following steps:
1. Open the Administration Console.
2. Click on the Security node.
3. In the right pane of the Administration Console, click on the Passwords tab.
4. Define the desired attributes on this tab by entering values at the appropriate
prompts and selecting the required checkboxes. (For details, see the following
table.)
5. Click the Apply button to save your choices.
6. Reboot WebLogic Server.
The following table describes each attribute on the Passwords tab.