This chapter discusses security considerations for immediate post-installation configuration of Oracle Commerce Platform. It particularly concentrates on login, SSL, and inter-application communication issues. These considerations are largely invisible to end users, but are critical for application security.
Each section in this chapter provides a brief overview of the security issue under consideration, and provides pointers for more detailed information regarding that issue.
This chapter includes the following sections:
Enabling SSL on Oracle Commerce Service Center Applications
Guarding Against Attacks Through Request-Handling Pipeline Configuration
Setting Access Levels for Properties Files
Encrypting Credit Card Numbers in CRS
Hashing Passwords in LDAP Profile Repositories
Encrypted Properties in Nucleus Components
