Domain-->Compatibility Security-->Passwords

Tasks     Related Topics     Attributes

 

Overview

WebLogic Server provides a set of attributes to protect user accounts from intruders. By default, these attributes are set for maximum protection. As a system administrator, you have the option of turning off all the attributes, increasing the number of login attempts before a user account is locked, increasing the time period in which invalid login attempts are made before locking the user account, and changing the amount of time a user account is locked. Use this page to change these attributes. This page applies to WebLogic Server deployments using Compatibility security. Remember that changing the attributes on this page lessens security and leaves user accounts vulnerable to security attacks.

 

Tasks

Protecting User Accounts

 

Related Topics

Introduction to WebLogic Security

Managing WebLogic Security

Securing WebLogic Resources

Programmimg WebLogic Security

Developing Security Providers for WebLogic Server

Securing a Production Environment

The Security topics in the WebLogic Server 8.1 Upgrade Guide

Security FAQ

The Security page in the WebLogic Server documentation

 

Attributes

Attribute Label

Description

Value Constraints

Minimum Password Length The minimum number of characters required in any domain password. Minimum: 0Default: 8Configurable: yesReadable: yesWritable: yes
Lockout Enabled Requests the locking of a user account after invalid attempts to log in to that account exceed the specified Lockout Threshold. By default, this attribute is enabled. Default: trueReadable: yesWritable: yes
Lockout Threshold Number of failed user password entries that can be tried before that user account is locked. Any subsequent attempts to access the account (even if the username/password combination is correct) raise a Security exception; the account remains locked until it is explicitly unlocked by the system administrator or another login attempt is made after the lockout duration period ends. Invalid login attempts must be made within a span defined by the Lockout Reset Duration attribute. The default is 5. Minimum: 1Maximum: 99999Default: 5Configurable: yesReadable: yesWritable: yes
Lockout Duration Number of minutes that a user's account remains inaccessible after being locked in response to several invalid login attempts within the amount of time specified by the Lockout Reset Duration attribute. The default is 30 minutes. Minimum: 0Maximum: 999999Default: 30Configurable: yesReadable: yesWritable: yes
Lockout Reset Duration Number of minutes within which invalid login attempts must occur in order for the user's account to be locked.An account is locked if the number of invalid login attempts defined in the Lockout Threshold attribute happens within the amount of time defined by this attribute. For example, if the value in Lockout Reset Duration attribute is 5 minutes, the Lockout Threshold is 3, and 3 invalid login attempts are made within a 6 minute interval, then the account is not locked. If 3 invalid login attempts are made within a 5 minute period, however, then the account is locked.The default is 5 minutes. Minimum: 1Maximum: 99999Default: 5Configurable: yesReadable: yesWritable: yes
Lockout Cache Size Specifies the intended cache size of unused and invalid login attempts. The default is 5. Minimum: 0Maximum: 99999Default: 5Configurable: yesReadable: yesWritable: yes


Skip navigation bar  Back to Top Previous Next