Search This Blog

Monday, 31 August 2015

WebLogic Security - Boot Identity

When you first time installed and configured a WebLogic Server in production domain it will prompt you for username and password, when you start the server using or startWebLogic.cmd in command line it will wait as follows:


Without Boot identity production mode startWebLogic prompting
Start WebLogic server without prompting for user credentials

Create security folder in the AdminServer folder which is in the $DOMAIN_HOME/servers/

mkdir security

Create security folder in the AdminServer folder
You can use any editor to to create the boot identity here I m using vi.


Enter the two lines int the file.

Create Boot identity:

After boot identity creation server starts using stored
 WebLogic server when it is first time reads the clear text username, password from the boot identity file it will over writes into the same file with the encrypted values for username, password. You can verify that using

After starting the server WebLogic encrypts the boot idenity with AES algorithm
Certification Question: 
[This can be interesting interview question as well!]
If an Administrator changes the weblogic password from the Admin Console. what would happen to boot identity? Does the next restart works fine? else you need to modify anything in the boot identity?
Changing the password for weblgoic user

enter new password, confirm password and save
After the changing the password you can stop the server and start the server.
When I've started the server got the the following security error:
The fix for this issue is you need to reenter the username,password in the file.
start the AdminServer.... it will re-run the encryption and will  identifies the boot identity again :)

WebLogic Books

  • Oracle WebLogic Server 12c: Administration Handbook
  • WebLogic Diagnostic Framework
  • Advanced WebLogic Server Automation
  • Oracle SOA Suite 11g Administrator's Handbook

Popular Posts