BEA Logo BEA WebLogic Server Release 5.0

  Corporate Info  |  News  |  Solutions  |  Products  |  Partners  |  Services  |  Events  |  Download  |  How To Buy

   e-docs   |   Site Map   |   Search   |   Contact   |   Glossary   |   WebLogic Server Documentation

Setting WebLogic security properties

This document describes new security features to better secure the WebLogic administrative user login and to restrict that user's login to a specified port.

Changing the WebLogic administrative user

The default administrative user for the WebLogic server is the "system" user. The password for this user is set in the weblogic.properties file with the weblogic.password.system property.

The weblogic.system.user property allows you to change the administrative user from "system" to some other user you choose. The new administrative user must also be established with a weblogic.password.user property.

Here are the properties to set the administrative user to "weblogicroot" with the password "b96yUksbY3B": 

weblogic.password.weblogicroot=b96yUksbY3B
weblogic.system.user=weblogicroot

You can add these properties to the weblogic.properties file. For additional security, you could instead set the properties on the Java command line when you start the WebLogic Server. (But make sure that the operating system is secure from commands such as ps that can display the text of the command line.) Start the server as described in Starting the WebLogic Server from the command line and add: 

$ ... -Dweblogic.system.user=weblogicroot
          -Dweblogic.password.weblogicroot=b96yUksbY3B ...

Changing the WebLogic Server administrative port

Use the weblogic.system.administrativePort property to set a port number for administrative user logins. When this property is set, the system user cannot log in on any other port, and only system user logins are permitted on the designated port. The port uses SSL by default. If you change the administrative user from "system" to another user (using weblogic.system.user), only that user may log in on this port.

The port you choose must be free from any other use, either by operating system services or other WebLogic Server port assignments.

Here is an example that sets the WebLogic Server to listen for T3 connections on port 7001, SSL connections (t3s and https) connection on port 7002, and administrative user connections on port 7003. 

# TCP/IP port number at which the T3Server listens for connections
weblogic.system.listenPort=7001

# SSL listen port
weblogic.system.SSLListenPort=7002

# Port number for administrative user logins
weblogic.system.administrativePort=7003

Since the administrative port defaults to SSL, you must use SSL when connecting to the port. For example, to connect with the WebLogic console, start the Console and follow these steps:

  1. Choose "Attach to a WebLogic Server or Cluster..." from the File menu.

  2. Type the name of the administrative user in the User name field.

  3. Type the administrative user's password in the Password field.

  4. Type the name of the computer running the WebLogic Server in the DNS host name field.

  5. Click Advanced to display the "Advanced login" dialog.

  6. Enter the administrative port number in the Port field.

  7. Choose SSL from the Protocol list box.

  8. Click OK.

 

Copyright © 2000 BEA Systems, Inc. All rights reserved.
Required browser: Netscape 4.0 or higher, or Microsoft Internet Explorer 4.0 or higher.
Last updated 02/03/1999