Search This Blog

Monday 31 August 2015

WebLogic Security - Boot Identity

When you first time installed and configured a WebLogic Server in production domain it will prompt you for username and password, when you start the server using startWebLogic.sh or startWebLogic.cmd in command line it will wait as follows:

cd $DOMAIN_HOME/
./startWebLogic.sh

Without Boot identity production mode startWebLogic prompting
Start WebLogic server without prompting for user credentials

Create security folder in the AdminServer folder which is in the $DOMAIN_HOME/servers/

mkdir security

Create security folder in the AdminServer folder
You can use any editor to to create the boot identity here I m using vi.

 vi boot.properties

Enter the two lines int the boot.properties file.

username=weblogic
password=welcome1
Create Boot identity: boot.properties

After boot identity creation server starts using stored boot.properties
 WebLogic server when it is first time reads the clear text username, password from the boot identity file it will over writes into the same boot.properties file with the encrypted values for username, password. You can verify that using

cat boot.properties
After starting the server WebLogic encrypts the boot idenity with AES algorithm
Certification Question: 
[This can be interesting interview question as well!]
If an Administrator changes the weblogic password from the Admin Console. what would happen to boot identity? Does the next restart works fine? else you need to modify anything in the boot identity?
Changing the password for weblgoic user

enter new password, confirm password and save
After the changing the password you can stop the server and start the server.
When I've started the server got the the following security error:
    
The fix for this issue is you need to reenter the username,password in the boot.properties file.
start the AdminServer.... it will re-run the encryption and will  identifies the boot identity again :)


No comments:

Post a Comment

WebLogic Books

  • Oracle WebLogic Server 12c: Administration Handbook
  • WebLogic Diagnostic Framework
  • Advanced WebLogic Server Automation
  • Oracle SOA Suite 11g Administrator's Handbook

Popular Posts