MdFaisal Khan

Greenhorn
+ Follow
since Mar 02, 2011
Merit badge: grant badges
For More
Cows and Likes
Cows
Total received
In last 30 days
0
Forums and Threads

Recent posts by MdFaisal Khan

How did you conclude that its a leak?

Will it be possible for you to share your app so that I can test?

[email protected]

Regards,
Faisal
10 years ago
This is an old doc that lists the plugin parameters

http://docs.oracle.com/cd/E13222_01/wls/docs81/plugins/plugin_params.html

cookie path doesnt seem to be there, but you should be able to use the standard parameters along with wls plugin params

Thanks,
Faisal

10 years ago
You need to remove the certificate that is causing the issue.
You can find the steps to remove the certificate here

http://weblogic-wonders.com/weblogic/2010/01/28/troubleshooting-ssl-issues/

Thanks,
Faisal
10 years ago
Are you trying to configure WLS to do Kerberos based authentication?

The step you are following will not work..


Please follow the steps here

http://weblogic-wonders.com/weblogic/2009/11/15/configuring-kerberos-with-weblogic-server/

Let me know if you face issues.

Thanks,
Faisal
10 years ago
or you can pass the keystore from java options.. enable SSL and Webservices debug on Weblogic server and share the logs.

Thanks,
Faisal
http://www.weblogic-wonders.com
10 years ago
Did you upgrade to reach to WLS 9.2?
Do you have a default authenticator as well?
So long you have a default authenticator and the control flag of the rdbms authenticator is not set to required/requisite other applications will not be affected.

Why don't you get rid of your compatability realm? it would require only a few changes in config n file..

You can set up a new rdbdms authenticator following my article here

http://weblogic-wonders.com/weblogic/2010/03/11/configuring-sql-authenticator-with-weblogic-server/

Let me know if you face any issues

Thanks,
Faisal
10 years ago
All these are very old vulnerabilities and they should have been fixed by now. Also its not specific to webserviceclient+ssl.jar.
You can secure your server further following my recommendations here

http://weblogic-wonders.com/weblogic/2014/06/24/recommended-best-practices-securing-weblogic-server/

Thanks,
Faisal
10 years ago
You can verify your configuration by referring this article on weblogic connection filters

http://weblogic-wonders.com/weblogic/2011/03/03/weblogic-connection-filters/

Thanks,
Faisal
10 years ago
Enable userlogout debug from the weblogic console and check the logs..

you can unlock d user from console or programatically as explaied here

http://weblogic-wonders.com/weblogic/2010/11/12/userlockout-feature-of-weblogic-server/

11 years ago
add me on skype.. we can try to fix it on screenshare
faiz6692
11 years ago