
access control on jndi lookup

 
Abhinav Srivastava
Ranch Hand
Posts: 354
While accessing EJBs or DataSources using InitialContext and JNDI names, we have the option of supplying Context.SECURITY_PRINCIPAL and Context.SECURITY_CREDENTIALS.

I am able to access when I don't provide any principal or credential, or when I provide the right values, but not when I provide wrong values. How do I disable access when no values are provided?
 
Roger Chung-Wee
Ranch Hand
Posts: 1683
The default values for Context.SECURITY_PRINCIPAL and Context.SECURITY_CREDENTIALS depend on whether the current thread is already associated with a user defined in the WebLogic security realm. If it is, then the values default to the current user. If not, these properties default to the guest user.

You can set these properties in a jndi.properties file which has been placed where the application classloader can find it. Once the properties have been set, you can simply instantiate InitialContext by using the no-arg constructor.
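
An added example, not code from either poster or from WebLogic: an offline audit of `jndi.properties` content that reports whether a no-arg `InitialContext` would carry an explicit identity or fall back to the default identity described in the reply above. The class name `JndiEnvAudit`, the result labels, the user `appuser` and the sample file contents are constructed for illustration.

```java
import java.io.IOException;
import java.io.StringReader;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Properties;
import javax.naming.Context;

public class JndiEnvAudit {

    /** Classifies which identity a context built from this environment would carry. */
    static String classify(Properties env) {
        String principal = env.getProperty(Context.SECURITY_PRINCIPAL, "").trim();
        String credentials = env.getProperty(Context.SECURITY_CREDENTIALS, "");
        if (principal.isEmpty() && credentials.isEmpty()) {
            // The case from the thread: nothing supplied, so the default
            // (current thread user, otherwise guest) decides who the caller is.
            return "DEFAULT_IDENTITY";
        }
        if (principal.isEmpty()) {
            return "CREDENTIALS_WITHOUT_PRINCIPAL";
        }
        if (credentials.isEmpty()) {
            return "PRINCIPAL_WITHOUT_CREDENTIALS";
        }
        return "EXPLICIT_IDENTITY";
    }

    /** Parses jndi.properties text the same way the JDK loads the file. */
    static Properties parse(String text) throws IOException {
        Properties props = new Properties();
        props.load(new StringReader(text));
        return props;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample files; host, port, user and password are placeholders.
        String base = "java.naming.factory.initial=weblogic.jndi.WLInitialContextFactory\n"
                    + "java.naming.provider.url=t3://localhost:7001\n";
        Map<String, String> samples = new LinkedHashMap<>();
        samples.put("no-identity", base);
        samples.put("principal-only", base + "java.naming.security.principal=appuser\n");
        samples.put("explicit", base + "java.naming.security.principal=appuser\n"
                                     + "java.naming.security.credentials=CHANGE_ME\n");
        for (Map.Entry<String, String> sample : samples.entrySet()) {
            System.out.println(sample.getKey() + " -> " + classify(parse(sample.getValue())));
        }
    }
}
```

A `DEFAULT_IDENTITY` result marks the configurations whose access depends entirely on the server-side default, which is the behaviour the original question is about.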
 
Abhinav Srivastava
Ranch Hand
Posts: 354
Where does the "guest" user come from? What do I have to do in order to disable this user? It's like having all the security and still being able to access the server without passing any credentials!
 
Roger Chung-Wee
Ranch Hand
Posts: 1683
The guest user may not be enabled by default - this depends on the version of WebLogic Server which you are running. In any case, you should never default to guest user if your user is defined in the WebLogic security realm.

To disable the guest user, do the following.

Go to the Change Center of the Administration Console, click Lock & Edit. Select your domain and select Compatibility Security > General. Now select the Guest Disable checkbox. You will need to reboot your server for this change to take effect.
 