MdFaisal Khan

How did you conclude that its a leak?

Will it be possible for you to share your app so that I can test?

[email protected]

Regards,
Faisal

You can refer this link to solve the issue

http://weblogic-wonders.com/weblogic/2010/01/28/troubleshooting-ssl-issues/

Thanks,
Faisal

This is an old doc that lists the plugin parameters

http://docs.oracle.com/cd/E13222_01/wls/docs81/plugins/plugin_params.html

cookie path doesnt seem to be there, but you should be able to use the standard parameters along with wls plugin params

Thanks,
Faisal

You need to remove the certificate that is causing the issue.
You can find the steps to remove the certificate here

http://weblogic-wonders.com/weblogic/2010/01/28/troubleshooting-ssl-issues/

Thanks,
Faisal

You can configure SAF


http://weblogic-wonders.com/weblogic/2010/06/14/configuring-saf-store-and-forward-between-two-weblogic-server-domains/

Are you trying to configure WLS to do Kerberos based authentication?

The step you are following will not work..


Please follow the steps here

http://weblogic-wonders.com/weblogic/2009/11/15/configuring-kerberos-with-weblogic-server/

Let me know if you face issues.

Thanks,
Faisal

or you can pass the keystore from java options.. enable SSL and Webservices debug on Weblogic server and share the logs.

Thanks,
Faisal
http://www.weblogic-wonders.com

You can follow the steps here to to configure IIS7 with Weblogic


http://weblogic-wonders.com/weblogic/2012/10/03/configure-iis7-as-a-proxy-with-weblogic-server/

Did you upgrade to reach to WLS 9.2?
Do you have a default authenticator as well?
So long you have a default authenticator and the control flag of the rdbms authenticator is not set to required/requisite other applications will not be affected.

Why don't you get rid of your compatability realm? it would require only a few changes in config n file..

You can set up a new rdbdms authenticator following my article here

http://weblogic-wonders.com/weblogic/2010/03/11/configuring-sql-authenticator-with-weblogic-server/

Let me know if you face any issues

Thanks,
Faisal

All these are very old vulnerabilities and they should have been fixed by now. Also its not specific to webserviceclient+ssl.jar.
You can secure your server further following my recommendations here

http://weblogic-wonders.com/weblogic/2014/06/24/recommended-best-practices-securing-weblogic-server/

Thanks,
Faisal

You can verify your configuration by referring this article on weblogic connection filters

http://weblogic-wonders.com/weblogic/2011/03/03/weblogic-connection-filters/

Thanks,
Faisal

You can refer this link to understand what's new in Weblogic Server 12c

http://weblogic-wonders.com/weblogic/2013/09/12/whats-new-weblogic-12c-12-1-2/

You can refer this link for Weblogic Server Interview Questions

http://weblogic-wonders.com/weblogic/2012/02/21/general-weblogic-server-interview-questions/

Enable userlogout debug from the weblogic console and check the logs..

you can unlock d user from console or programatically as explaied here

http://weblogic-wonders.com/weblogic/2010/11/12/userlockout-feature-of-weblogic-server/

add me on skype.. we can try to fix it on screenshare
faiz6692