Developer Partner Community

WebLogic JNDI-Tree Security by Nicolas Fonnegra

Juergen Kress
PaaS Partner Adoption


Several Weblogic components like EJBs, Datasources and Queues are accessed using JNDI-lookups. In default Weblogic configurations, the JNDI-Tree can be accessed without any kind of authentication. This is far from ideal, because any process, inside or outside the Weblogic container is capable of invoking these components. Only Datasources have an extra layer of security and can only be used remotely by activating the property “weblogic.jdbc.remoteEnabled”.

In this blog entry I will not only show how to secure the JNDI-Tree but also what this means to the development of components such as Session EJBs, Message Driven Beans and external frameworks.

1. Securing the JNDI-Tree lookups

In Weblogic it is possible to secure single JNDI addresses, a group of addresses and the whole JNDI-Tree. There are two ways to do this: the administration console and with WLST

1.1 Administration Console

  • In Environment->Servers-> admin_server-> View JNDI Tree

WebLogic Partner Community

For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn Forum Wiki

Technorati Tags: PaaS,Cloud,Middleware Update,WebLogic,WebLogic Community,Oracle,OPN,Jürgen Kress

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.