Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Securing WebLogic Server 12c
Securing WebLogic Server 12c

Securing WebLogic Server 12c: Learn to develop, administer and troubleshoot for WebLogic Server with this book and ebook.

eBook
$18.99 $21.99
Paperback
$29.99
Subscription
Free Trial
Renews at $19.99p/m

What do you get with a Packt Subscription?

Free for first 7 days. $19.99 p/m after that. Cancel any time!
Product feature icon Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!
Product feature icon 50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.
Product feature icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Product feature icon Thousands of reference materials covering every tech concept you need to stay up to date.
Subscribe now
View plans & pricing
Table of content icon View table of contents Preview book icon Preview Book

Securing WebLogic Server 12c

Chapter 2. WebLogic Security Realm

WebLogic security configuration can be difficult to understand. This chapter clearly covers every aspect you need to consider for activating an internal or external user and group structure. Here, you can also find a very useful section about errors and debugging tips, needed to resolve your configuration issues. This chapter includes the following:

  • Configuration of local LDAP server: user/roles/lockout

  • Configuring an external LDAP for Authentication/Authorization

  • Using Identity Assertion

Configuration of local LDAP server: user/roles/lockout


The simplest way to configure your security realm is through the WebLogic Administration Console; you can find all about security in the section, on the main tree, Security Realms, where the default configuration called myrealm is placed.

Under Security Realms, we have a preconfigured subset of Users, Groups, Authentication methods, Role Mapping, Credential Mapping providers, and some other security settings.

You can configure many realms' security sets, but only one will be active.

On the myrealm section, we find all security parameters of the internal LDAP server configurations, including users and groups.

Consider this; Oracle declares that the embedded WebLogic LDAP server works well with less than 10,000 users; for more users, consider using a different LDAP server and Authentication Provider, for example, an Active Directory Server.

Users and groups

Obviously, here you can add and configure some internal users and some internal groups...

Configuring an external LDAP for Authentication/Authorization


WebLogic supports several types of external authentication providers. Any LDAP v2 or v3 compliant LDAP server should work. Next, we cover the configuration of the Microsoft Active Directory provider in detail, to provide us also with the support for Kerberos Single Sign-On (SSO) integration in a Microsoft domain network; we will see this in Chapter 5, Integrating with Kerberos SPNEGO Identity Assertion.

There are lots of advantages by connecting an existent Users and Groups infrastructure. It permits us to centralize any object (Users and Groups) and centrally manage the security rules and policies without the need to access the WebLogic server. Also, any change applied on Active Directory is logically and dynamically propagated to WebLogic security.

To configure our provider faster and easier, we can use the WebLogic console (advanced users can also use the WebLogic Scripting Tool (WLST) to make many configuration changes)...

Using Identity Assertion


Typically to support an SSO process, you need to have a LoginModule object and an Identity Assertion provider. With these objects, you can exploit tokens stored by the operating system to do the HTTP authorization process without entering username and password and gain access to your secure resources.

The LoginModule objects trust that the user has obtained the token by providing the username and password to another authority.

Your token can pass from client to server in different ways such as HTTP headers, cookies, SSL certificates, or other custom mechanisms. The Identity Assertion needs to grab this token and extract the security information to allow access to the secured context paths.

We will be using the SPNEGO Identity Asserter provider in Chapter 5, Integrating with Kerberos SPNEGO Identity Assertion to configure the SSO integration in an Active Directory context.

Summary


This chapter covered the basic administration of users and groups of the internal WebLogic LDAP server and some facilities to manage and understand security roles and conditions that you will configure in your server.

This is an important chapter, which covers in detail the parameters and concepts required to attach your WebLogic server in an existing Active Directory environment, tuning and understanding some tricks to improve their performance.

We also discussed the issues that often occur during configuration, along with some typical error codes and their possible solutions.

Left arrow icon Right arrow icon

Key benefits

  • Discover Authentication providers
  • Configure security for WebLogic applications and develop your own security providers
  • Step by step guide to administer and configure WebLogic security providers
  • Quick guide to security configuration in WebLogic realm

Description

Security is a must in modern Enterprise architecture, and WebLogic implements a very complete and complex architecture for configuration and implementation, and we need to deeply know in technologies, terminology and how the security process works between all actors. Transparent security of your applications and Weblogic infrastructure need a good knowledge of the issues you can incur in this long and error prone configuration process. "Securing WebLogic Server 12c" will simplify a complex world like WebLogic Security, helping the reader to implement and configure. It's the only fast guide that will let you develop and deploy in a production system with best practices both from the development world and the operation world. This book will try to make a clear picture of Java EE Security with clean and simple step-by-step examples that will guide the reader to security implementation and configuration From the concepts of Java EE Security to the development of secure application, from the configuration of a realm to the setup of Kerberos Single Sign on, every concept is expressed in simple terms and surrounded by examples and pictures. Finally, also a way to develop WebLogic Security Providers with Maven, so that you can add the security part of your infrastructure to your enterprise best practices.

Who is this book for?

If you are a WebLogic Server administrator looking forward to a step by step guide to administer and configure WebLogic security, then this is the guide for you. Working knowledge of WebLogic is required.

What you will learn

  • Setup your development environment for WebLogic with Maven
  • Develop applications with Maven using fast split-deployment
  • Configure your applications to take advantage of Java EE Security
  • Understand how to integrate with WebLogic security
  • Configure a Security Realm from scratch
  • Integrate with your enterprise security systems
  • Detailed how-to Kerberos single-sign-on configuration with a little, but userful, knowledge base to solve some typical issue

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : Nov 23, 2012
Length: 100 pages
Edition : 1st
Language : English
ISBN-13 : 9781849687782
Vendor :
Oracle
Concepts :

What do you get with a Packt Subscription?

Free for first 7 days. $19.99 p/m after that. Cancel any time!
Product feature icon Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!
Product feature icon 50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.
Product feature icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Product feature icon Thousands of reference materials covering every tech concept you need to stay up to date.
Subscribe now
View plans & pricing

Product Details

Publication date : Nov 23, 2012
Length: 100 pages
Edition : 1st
Language : English
ISBN-13 : 9781849687782
Vendor :
Oracle
Concepts :

Packt Subscriptions

See our plans and pricing
Modal Close icon
$19.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
$199.99 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just $5 each
Feature tick icon Exclusive print discounts
$279.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just $5 each
Feature tick icon Exclusive print discounts

Frequently bought together


Stars icon
Total $ 145.97
Getting Started with Oracle WebLogic Server 12c: Developer's Guide
$60.99
Securing WebLogic Server 12c
$29.99
Oracle WebLogic Server 12c Advanced Administration Cookbook
$54.99
Total $ 145.97 Stars icon

Table of Contents

5 Chapters
WebLogic Security Concepts Chevron down icon Chevron up icon
WebLogic Security Realm Chevron down icon Chevron up icon
Java EE Security with WebLogic Chevron down icon Chevron up icon
Creating Custom Authentication Providers with Maven Chevron down icon Chevron up icon
Integrating with Kerberos SPNEGO Identity Assertion Chevron down icon Chevron up icon

Customer reviews

Rating distribution
Full star icon Full star icon Empty star icon Empty star icon Empty star icon 2
(2 Ratings)
5 star 0%
4 star 0%
3 star 50%
2 star 0%
1 star 50%
Edwin Biemond Jan 06, 2013
Full star icon Full star icon Full star icon Empty star icon Empty star icon 3
This small book shortly explains all the parts which are involved by the WebLogic Security Framework. It describes how to use the internal weblogic and an external LDAP server as authentication provider. Plus a maven example howto develop, deploy a web application which uses security. Another maven example howto develop or configure a custom provider. And the last chapter explains Microsoft Active Directory SSO with WebLogic. I Did not see many new 12c features and most of this information should also work on WebLogic 10.3. I liked the small part about programmatic security with WebLogic XACML provider. But I hoped to learn more about WebLogic 12c and Java EE 6 like the JASPIC,JACC specifications and how this works with WebLogic plus why they are limited compared to weblogic custom providers. The maven part is great for testing the examples but it does not add any value to this content.
Amazon Verified review Amazon
Jayaprakash Aug 12, 2016
Full star icon Empty star icon Empty star icon Empty star icon Empty star icon 1
One of the Useless book i have buy it sofar.Security in Java/JEE and in weblogic is one of the most beautiful concept.But this book was explained in a ugly fashion.I don't understand why Author choose to write this topic without providing any intro and technical stuff ,only by writing theory.It is waste of money ,time and expectations to invest on this book.
Amazon Verified review Amazon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

What is included in a Packt subscription? Chevron down icon Chevron up icon

A subscription provides you with full access to view all Packt and licnesed content online, this includes exclusive access to Early Access titles. Depending on the tier chosen you can also earn credits and discounts to use for owning content

How can I cancel my subscription? Chevron down icon Chevron up icon

To cancel your subscription with us simply go to the account page - found in the top right of the page or at https://subscription.packtpub.com/my-account/subscription - From here you will see the ‘cancel subscription’ button in the grey box with your subscription information in.

What are credits? Chevron down icon Chevron up icon

Credits can be earned from reading 40 section of any title within the payment cycle - a month starting from the day of subscription payment. You also earn a Credit every month if you subscribe to our annual or 18 month plans. Credits can be used to buy books DRM free, the same way that you would pay for a book. Your credits can be found in the subscription homepage - subscription.packtpub.com - clicking on ‘the my’ library dropdown and selecting ‘credits’.

What happens if an Early Access Course is cancelled? Chevron down icon Chevron up icon

Projects are rarely cancelled, but sometimes it's unavoidable. If an Early Access course is cancelled or excessively delayed, you can exchange your purchase for another course. For further details, please contact us here.

Where can I send feedback about an Early Access title? Chevron down icon Chevron up icon

If you have any feedback about the product you're reading, or Early Access in general, then please fill out a contact form here and we'll make sure the feedback gets to the right team. 

Can I download the code files for Early Access titles? Chevron down icon Chevron up icon

We try to ensure that all books in Early Access have code available to use, download, and fork on GitHub. This helps us be more agile in the development of the book, and helps keep the often changing code base of new versions and new technologies as up to date as possible. Unfortunately, however, there will be rare cases when it is not possible for us to have downloadable code samples available until publication.

When we publish the book, the code files will also be available to download from the Packt website.

How accurate is the publication date? Chevron down icon Chevron up icon

The publication date is as accurate as we can be at any point in the project. Unfortunately, delays can happen. Often those delays are out of our control, such as changes to the technology code base or delays in the tech release. We do our best to give you an accurate estimate of the publication date at any given time, and as more chapters are delivered, the more accurate the delivery date will become.

How will I know when new chapters are ready? Chevron down icon Chevron up icon

We'll let you know every time there has been an update to a course that you've bought in Early Access. You'll get an email to let you know there has been a new chapter, or a change to a previous chapter. The new chapters are automatically added to your account, so you can also check back there any time you're ready and download or read them online.

I am a Packt subscriber, do I get Early Access? Chevron down icon Chevron up icon

Yes, all Early Access content is fully available through your subscription. You will need to have a paid for or active trial subscription in order to access all titles.

How is Early Access delivered? Chevron down icon Chevron up icon

Early Access is currently only available as a PDF or through our online reader. As we make changes or add new chapters, the files in your Packt account will be updated so you can download them again or view them online immediately.

How do I buy Early Access content? Chevron down icon Chevron up icon

Early Access is a way of us getting our content to you quicker, but the method of buying the Early Access course is still the same. Just find the course you want to buy, go through the check-out steps, and you’ll get a confirmation email from us with information and a link to the relevant Early Access courses.

What is Early Access? Chevron down icon Chevron up icon

Keeping up to date with the latest technology is difficult; new versions, new frameworks, new techniques. This feature gives you a head-start to our content, as it's being created. With Early Access you'll receive each chapter as it's written, and get regular updates throughout the product's development, as well as the final course as soon as it's ready.We created Early Access as a means of giving you the information you need, as soon as it's available. As we go through the process of developing a course, 99% of it can be ready but we can't publish until that last 1% falls in to place. Early Access helps to unlock the potential of our content early, to help you start your learning when you need it most. You not only get access to every chapter as it's delivered, edited, and updated, but you'll also get the finalized, DRM-free product to download in any format you want when it's published. As a member of Packt, you'll also be eligible for our exclusive offers, including a free course every day, and discounts on new and popular titles.