Showing posts with label weblogic. Show all posts
Showing posts with label weblogic. Show all posts

Thursday, September 26, 2013

Configure Weblogic SSL to deny SSLv2

Quick post, with a quick solution.

We are going through some security audits, and one of the things that we had failed on was an SSL test on our OBIEE server. The issue was that by default, Weblogic was allowing SSLv2 and weak ciphers, something out security team doesn't like.

The solution took me some googleing, but I found the change and it was quite simple. Essentially we had to add a simple command line argument to our bi_server startup script:

-Dweblogic.security.SSL.protocolVersion=SSL3 -Dweblogic.security.disableNullCipher=true

That resolved it, and now we are passing the SSL check.

For reference on how we setup SSL for OBIEE in Weblogic on the appserver, check out the previous blog post.
Posted by at No comments:
Labels: , , ,

Friday, May 24, 2013

Setting up SSL for Weblogic

We recently needed to setup SSL for OBIEE so that we could accept the EBS cookie for single sign on between EBS and OBIEE (post to come soon on how to get that all wired up). Unfortunatly I don't have all of the steps, as someone else on the team handles the making of the actual cert, but I can provide all steps around the process.

Continue on to read what I did to create a private key, create a certificate request (CSR), and configure WebLogic to enable the SSL port for OBIEE.

Read more »
Posted by at No comments:
Labels: , , ,

Saturday, February 23, 2013

Configure Change Password for Weblogic users in OBIEE 11g

Initially at my current engagement, we were using the inbuilt WebLogic LDAP for controlling user access to OBIEE 11g. We have since switched to using the EBS-ICX cookie SSO method (blog post on how to set this up coming soon), and are currently researching OID integration for SSO.

 Side note, the "EBS-ICX" cookie method does not allow for use of Agents or BI Publisher within OBIEE. These are known oracle bugs, but according to the SR I had opened, they are not high on the list to be fixed.

[Update - 10/30/2013: I found a solution to this. Read my post here.]

One of the draw backs to using Weblogic for your Identity Store is that if a user wants to change their password, there is no means of doing so from within OBIEE. I searched the web, and found articles that covered parts, but not the whole thing. Continue on to read step by step instructions to get setup.

Read more »
Posted by at 32 comments:
Labels: , , ,
Subscribe to: Posts (Atom)