This discussion is archived
2 Replies Latest reply: Dec 27, 2012 5:53 AM by Kalyan Pasupuleti-Oracle RSS

Securing Admin console http to https

981517 Newbie
Currently Being Moderated
Hi All

Is there any other way (Not LADP) to secure the admin console. Like if we type the admin console http it will force to use https ...
  • 1. Re: Securing Admin console http to https
    896779 Newbie
    Currently Being Moderated
    I don't remember if we tried any redirection from http to https for admin console.

    If you would like to secure it, disable the admin server http server port and leave https port enabled. It helps the users to connect with https only.

    Thanks

    Lawrence Manickam
    http://toyork.blogspot.ca
  • 2. Re: Securing Admin console http to https
    Kalyan Pasupuleti-Oracle Expert
    Currently Being Moderated
    Hi,

    I dont think it is possible with single Weblogic server.

    We need to include any one of the Proxy server in between.


    Redirecting Http request to Https request eg with OHS.

    In httpd.conf, add the following lines replacing 7778 with the http listen port:

    RewriteEngine On
    RewriteCond %{SERVER_PORT} 7778
    RewriteRule ^/(.*)$ https://%{SERVER_NAME}/$1 [R,L]

    Things to keep in mind when implementing this solution:

    1. The the ServerName directive is what %{SERVER_NAME} is replaced with so these directives need to be put within a VirtualHost block or the server name needs to be hard coded if the default ServerName is not desired

    2. If WebCache or any other front end director is used, the rewrite condition will want to match the incoming port. For example, if the OHS is listening on 7778 but WebCache is answering the request on port 80, then the rewrite condition should be:

    RewriteCond %{SERVER_PORT} 7778

    3. The RewriteCond directive is set to a specific port, in this case 7778, so that an infinite loop is avoided if the rules are inherited in the ssl virtual host

    4. The rewrite rule should be added last as the L tells OHS to process no further rules

    5. When using this with Portal, Portal must be configured to use SSL prior to the change

    *** Most important to keep in mind, not every situation will fit for this note. For specific situations, the perl.com website (http://perldoc.perl.org/perlre.html) provides information about Regular Expressions that can be used with Apache.



    regards,
    Kal

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points