How to restrict access to Oracle Weblogic

Restricting access to WebLogic Server

In order to restrict access to WebLogic server to a set of machines, you can use Network Connection Filters which are used to add an additional layer of security allowing you to deny access at the network level.

Network Connection Filters are a type of firewall in that they can be configured to filter on protocols, IP addresses, and DNS node names. For example, you can deny any non-SSL connections originating outside of your corporate network. This would ensure that all access from systems on the Internet would be secure.

You can configure Connection filters, by selecting the top-level domain from the Admin Console and then choosing the Security| Filter tab. In order to add a Connection filter you have to specify a Connection filter class and the Connection Filter rules.

WebLogic ships out of the box with a default Connection Filter class named weblogic.security.net.ConnectionFilterImpl that examines one or more connection filter rules defined in the Administration Console. Alternatively, you can create your own custom connection filter that evaluates the basis that incoming connections are accepted by the server.

The following Connection Filter rules can be used to deny http and https protocol access from www.acme.com to the local server. 

oracle weblogic tutorials howto example wls java ee

The connection filter rules are written using a firewall-like syntax (check here for more details about constructing filter rules: http://docs.oracle.com/cd/E24329_01/web.1211/e24485/con_filtr.htm)

Francesco Google+