Oracle Weblogic Server (MOSC)

MOSC Banner

Port Usage tab in EM is showing my Forms and Reports Managed Servers are servicing LDAPS requests on

edited Feb 6, 2015 2:11PM in Oracle Weblogic Server (MOSC)

When I checked the Port Usage tab in EM, I noticed that both of my Managed Servers - Reports and Forms Servers - are servicing LDAPS requests on their public IP/port number in addition to HTTPS.  Using an LDAP browser, I was able to connect to the embedded LDAP on port 443.  This obviously poses a vulnerability for us since anyone who can access the application can attempt to brute-force the Weblogic admin password using an LDAP browser.  Unfortunately, we don't have a Web-tier since this environment was built for a Forms-based medical application per the vendor's specifications.

With the exception of the Weblogic administrator, we don't have users stored in the Embedded LDAP store.  Is there a way to disable LDAPS from listening on our Managed Servers HTTPS ports?

Howdy, Stranger!

Log In

To view full details, sign in to My Oracle Support Community.

Register

Don't have a My Oracle Support Community account? Click here to get started.

Category Leaderboard

Top contributors this month

Instructions for posting

×

1. Select a discussion category from the picklist.


2. Enter a title that clearly identifies the subject of your question.


3. In the body, insert detailed information, including Oracle product and version.


Please abide by the Oracle Community guidelines and refrain from posting any customer or personally identifiable information (PI/CI).


Cloud / Fusion customers - Our Cloud community has moved! Please go to Cloud Customer Connect .


New to My Oracle Support Community? Visit our Welcome Center

MOSC Help Center