2.4 Application Server Security

This topic provides information on application server security.

This topic consists the following sub-topics:

• Overview
  This topic provides information on overview.
• Installation of Oracle WebLogic Server
  This topic provides information on installation of oracle weblogic server.
• Securing the WebLogic Server Installation
  This topic provides information on securing the weblogic server installation.
• Network Perimeter Protection
  This topic provides information on network perimeter protection.
• Operating System Users and Groups
  This topic provides information on operating system users and groups.
• File System Access to OS Users
  This topic provides information on file system access to OS users.
• Usage of Protected Ports
  This topic provides information on usage of protected ports.
• Choice of the SSL cipher suite
  This topic provides information on choice of the SSL cipher suite.
• Usage of WebLogic Connection Filters
  This topic provides information on usage of weblogic connection filters.
• Usage of Domain-wide Administration Port for Administrative Traffic
  This topic provides information on usage of domain-wide administration port for administrative traffic.
• Secure the Embedded LDAP port
  This topic provides information on secure the embedded LDAP port.
• Disable Remote Access to the JVM Platform MBean Server
  This topic provides information on disable remote access to the JVM platform MBean server.
• Precautions when using SNMP
  This topic provides information on precautions when using SNMP.
• Securing the WebLogic Security Service
  This topic provides information on securing the weblogic security service.
• Enable SSL, but avoid using Demonstration Certificates
  This topic provides information on enable SSL, but avoid using demonstration certificates.
• Enforce Security Constraints on Digital Certificates
  This topic provides information on enforce security constraints on digital certificates.
• Ensure that Host Name Verification is Enabled
  This topic provides information on ensure that host name verification is enabled.
• Impose Size and Time Limits on Messages
  This topic provides information on impose size and time limits on messages.
• Restrict the Number of Open Sockets
  This topic provides information on restrict the number of open sockets.
• Configure WebLogic Server to Manage Overload
  This topic provides information on configure weblogic server to manage overload.
• User Lockouts and Login Time Limits
  This topic provides information on user lockouts and login time limits.
• Enable Configuration Auditing
  This topic provides information on enable configuration auditing.
• System Administrator Accounts
  This topic provides information on system administrator accounts.