4 Security guidelines for the middle tier
After you import the projects, ensure that the data source connection, JMS Servers, and JMS Topics are created in the Oracle WebLogic Server console and that the user(s) created in Oracle WebLogic Server are assigned to the MasterIndex.Admin group.
- Remove unused applications from WebLogic
Currently, the WebLogic Server installation includes the entire JDK and some additional WebLogic Server development utilities (for example, wlsvc). These development programs are not needed at runtime and can be safely removed.
- Enable SSL (for middle tier)
Enabling SSL is optional, but Oracle recommends SSL for a production environment.
- Configure SSL
After you enable SSL, you must configure it.
- Allow known host only
Allowing only known IP addresses to access the OHMPI application prevents it from being crawled by search engines and lets only customers access the application. This can be done by restricting access to requests from customers' public IP addresses.
- Protect user accounts
WebLogic Server defines a set of configuration options to protect user accounts from intruders. In the default security configuration, these options are set for maximum protection. You can use the Administration Console to modify these options on the Configuration > User Lockout page.
- Create MIDM User Accounts for Web Service on WebLogic
To create a new user, you must create the MasterIndex.Admin group. Then, you can create a new user.
- Set up the user for MIDM access using WebLogic
To set up the user for MIDM access, you create the MasterIndex.Admin and Administrator groups. Then, you create a new user within the two groups. Use the user you create for MIDM access using the WebLogic Admin Console.
- Integrate application-generated logs with Security Information and Event Management System (SIEM)
Use a centralized log monitoring tool that collects application-generated logs from Oracle Healthcare Master Person Index.
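
The following audit script is an added example, not part of the Oracle documentation. It checks a WebLogic domain `config.xml` against three items above: SSL enabled per server, a known-hosts connection filter, and user lockout. The element layout shown, the server name `ohmpi_ms1`, and the sample addresses are assumptions made for illustration; adjust them to your own domain.

```python
import xml.etree.ElementTree as ET

NS = {"d": "http://xmlns.oracle.com/weblogic/domain"}

# Constructed sample, not taken from a real OHMPI domain (names are hypothetical).
SAMPLE_CONFIG = """<domain xmlns="http://xmlns.oracle.com/weblogic/domain">
  <security-configuration>
    <realm>
      <name>myrealm</name>
      <user-lockout-manager><lockout-enabled>false</lockout-enabled></user-lockout-manager>
    </realm>
    <connection-filter>weblogic.security.net.ConnectionFilterImpl</connection-filter>
    <connection-filter-rule>192.0.2.0/24 * * allow</connection-filter-rule>
  </security-configuration>
  <server><name>AdminServer</name><ssl><enabled>true</enabled></ssl></server>
  <server><name>ohmpi_ms1</name></server>
</domain>"""


def is_true(elem, path, default):
    """Read a boolean child element, falling back to the given default."""
    return (elem.findtext(path, default, NS) or default).strip().lower() == "true"


def audit(config_xml):
    """Return a list of findings for the SSL, known-host and lockout items."""
    root = ET.fromstring(config_xml)
    findings = []
    # SSL is treated as off unless <ssl><enabled>true</enabled></ssl> is present.
    for server in root.findall("d:server", NS):
        if not is_true(server, "d:ssl/d:enabled", "false"):
            findings.append(f"{server.findtext('d:name', '?', NS)}: SSL not enabled")
    sec = root.find("d:security-configuration", NS)
    sec = sec if sec is not None else ET.Element("none")
    # Known hosts only: a filter class plus rules that end in a catch-all deny,
    # because a connection that matches no rule is allowed.
    rules = [(r.text or "").split() for r in sec.findall("d:connection-filter-rule", NS)]
    if not (sec.findtext("d:connection-filter", "", NS) or "").strip() or not rules:
        findings.append("no connection filter configured")
    elif rules[-1][:1] != ["0.0.0.0/0"] or rules[-1][3:4] != ["deny"]:
        findings.append("connection filter rules do not end with a catch-all deny")
    # User lockout is on by default; flag realms that switch it off.
    for realm in sec.findall("d:realm", NS):
        if not is_true(realm, "d:user-lockout-manager/d:lockout-enabled", "true"):
            findings.append(f"{realm.findtext('d:name', '?', NS)}: user lockout disabled")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```

Run it against a copy of the domain's `config.xml` after each configuration change; an empty result means none of the three checks fired.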