User Lockout & WLST

Posted by Bala Kothandaraman on Oracle Blogs See other posts from Oracle Blogs or by Bala Kothandaraman
Published on Thu, 22 Apr 2010 10:44:14 -0500 Indexed on 2010/04/22 15:54 UTC
Read the original article Hit count: 760

Filed under:

security

|

WLST

WebLogic server provides an option to lockout users to protect accounts password guessing attack. It is implemented with a realm-wide Lockout Manager. This feature can be used with custom authentication provider also. But if you implement your own authentication provider and wish to implement your own lockout manager that is possible too.

If your domain is configured to use the user lockout manager the following WLST script will help you to:
- check whether a user is locked using a WLST script
- find out the number of locked users in the realm

#Define constants
url='t3://localhost:7001'
username='weblogic'
password='weblogic'
checkuser='test-deployer'

#Connect
connect(username,password,url)

#Get Lockout Manager Runtime
serverRuntime()
dr = cmo.getServerSecurityRuntime().getDefaultRealmRuntime()
ulmr = dr.getUserLockoutManagerRuntime()

print '-------------------------------------------'
#Check whether a user is locked
if (ulmr.isLockedOut(checkuser) == 0):
islocked = 'NOT locked'
else:
islocked = 'locked'
print 'User ' + checkuser + ' is ' + islocked

#Print number of locked users
print 'No. of locked user -> ', Integer(ulmr.getUserLockoutTotalCount())

print '-------------------------------------------'
print ''

#Disconnect & Exit
disconnect()
exit()

© Oracle Blogs or respective owner

Related posts about security

sudo apt-get update errors

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
Here is what I get on my terminal when running sudo apt-get update errors. I dont know if the issue is from my sources.list or my proxy setup(have not made any changes to proxies). Thank you for any help in advanced. Ign http://security.ubuntu.com oneiric-security Release.gpg Ign http://security… >>> More
The Security-Developer Gap: Why IT Security Can't Fix Your Security Problems Alone

as seen on Devx - Search for 'Devx'
Two well-known white hats explain how hackers take advantage of security holes left by enterprise application developers. >>> More
The Security-Developer Gap: Why IT Security Can't Fix Your Security Problems Alone

as seen on Internet.com - Search for 'Internet.com'
Two well-known white hats explain how hackers take advantage of security holes left by enterprise application developers. >>> More
StackOverFlowError while creating Mac object on AS400/Java

as seen on Stack Overflow - Search for 'Stack Overflow'
Hello all, I am a newbie to AS400-Java programming. I am trying to create my first program to test the implementation of Message Authentication Code (MAC). I am trying to use the HMACSHA1 hash function. My (Java 1.4) program runs fine on a dev box (V5R4).But fails terribly on the QA box (V5R3). My… >>> More
Google App Engine - Spring Security Issue (java.security.AccessControlException)

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm currently getting the AccessControlException below when I deploy to app engine (I don't see it when I run in my local environment). I'm using GAE 1.3.1, Spring 3.0.1, and Spring Security 3.0.2. Any ideas how to get around this issue? It appears to be an issue with Spring Security trying to get… >>> More

Related posts about WLST

??????WLST

as seen on Oracle Blogs - Search for 'Oracle Blogs'
WebLogic Server?????????????WebLogic Server????????7?23?????????38?WebLogic Server???@??????????????WLST?(?????? ??????????? ?? ??)??????????????WLST(WebLogic Scripting Tool)?WebLogic Server???????????????????????????????????WLST?????TIPS??????????????????????WLST?????????????????????????????????… >>> More
User Lockout & WLST

as seen on Oracle Blogs - Search for 'Oracle Blogs'
WebLogic server provides an option to lockout users to protect accounts password guessing attack. It is implemented with a realm-wide Lockout Manager. This feature can be used with custom authentication provider also. But if you implement your own authentication provider and wish to implement your… >>> More
Want to Run OS Commands From WLST?

as seen on Oracle Blogs - Search for 'Oracle Blogs'
If you spend a lot of time with WLST in the interactive mode, I am sure you have opened another command prompt/shell to check something at the OS file system level. If you wonder whether can execute an OS command from within WLST prompt, the answer is "Yes". This is very convenient similar to how… >>> More
????·???????! ?WebLogic Scripting Tool????WebLogic Server???/???????|WebLogic Channel|??????

as seen on Oracle Blogs - Search for 'Oracle Blogs'
Web???????????/?????????????????????????????????????????????? ??????????????????????????????????????????????????????????????????????????????WebLogic Server?????????????????WebLogic Scripting Tool??????????2011?11????????Oracle DAB & Developers Days 2011?????????????????????????!WebLogic Scripting… >>> More
Developing WLST scripts with Eclipse

as seen on Stack Overflow - Search for 'Stack Overflow'
We are in the process of developing several WLST (WebLogic Scripting Tool) scripts and we would like to setup a development environment. Has anybody managed to configure Eclipse PyDev (or another plugin) to support it? Do you know any other alternative? Thank you for your answers. >>> More