glog.authentication Properties

To control the behavior of Oracle Transportation Management, you can change settings in the glog.properties file or the appropriate property set.

Property	New in Version	Description
glog.authentication.checkWeblogicLockout	6.2.10	This property disables WebLogic account lockout checks. The default is false, which means no JMX lookups are attempted.
glog.authentication.handleWeblogicLockout	6.2.10	The system can be configured to automatically clear users locked out of WebLogic. When setting the property to true, the system takes a two-pass approach to client authentication to WebLogic (i.e. through JAAS). On the first pass, normal authentication is performed against the WebLogic security realm managed by OTM. If this fails, the system checks to see if the failure was due to the user being locked out of WebLogic. If so, a warning is logged under the System Log ID (to a Web log) and the lock out is cleared. On the second pass, authentication avoids the lockout message and proceeds to application-tier password authentication. This approach is reasonably secure since the system manages authentication and account policies for all OTM users. OTM users cannot get access to other WebLogic applications (e.g. the console) and other users will not authenticate through the OTM JAAS module.

Property

New in Version

Description

glog.authentication.checkWeblogicLockout

6.2.10

This property disables WebLogic account lockout checks. The default is false, which means no JMX lookups are attempted.

glog.authentication.handleWeblogicLockout

6.2.10

The system can be configured to automatically clear users locked out of WebLogic. When setting the property to true, the system takes a two-pass approach to client authentication to WebLogic (i.e. through JAAS). On the first pass, normal authentication is performed against the WebLogic security realm managed by OTM. If this fails, the system checks to see if the failure was due to the user being locked out of WebLogic. If so, a warning is logged under the System Log ID (to a Web log) and the lock out is cleared. On the second pass, authentication avoids the lockout message and proceeds to application-tier password authentication.

This approach is reasonably secure since the system manages authentication and account policies for all OTM users. OTM users cannot get access to other WebLogic applications (e.g. the console) and other users will not authenticate through the OTM JAAS module.

glog.authentication Properties

Related Topics