This content has been marked as final. Show 3 replies
Very faint response: It is the default, so you do not have to configure anything.1 person found this helpful
No seriously; using the node manager is all about (internal) network communication. When you want no one to get the usernames and passwords used
you have to resort to SSL. Note that most security issues are related to internal misuse. This is usually the reason to go for SSL instead of
plain communication, so that no one can mess up your system (even from the inside).
More information about the node manager can be found here: http://download.oracle.com/docs/cd/E21764_01/web.1111/e13740/toc.htm
Thank you for the reply Rene. I had reviewed that link, but it was vague there, as well.
Would you please clarify the usernames and passwords comment? Are you saying this, in addition to host name verification, is to prevent someone internally from initiating an attack (suck as man-in-the-middle) to steal WL Admin usernames and passwords?
I know it is paranoia, but in some environments this happens, so it is better safe than sorry.