Weblogic User class extends deprecated class?

weblogic.security.acl.User extends java.security.Identity which is a
deprecated class for Java 1.2
I checked the 5.1 API docs, this class still extends the
java.security.Identity. Are there any plans to update this class or if there
is another class we should use instead of weblogic.security.acl.User ?
Srikanth Meenakshi

s> weblogic.security.acl.User extends java.security.Identity which is
s> a deprecated class for Java 1.2
This is not a problem. It's okay to use it.
     <b
Let us pray:
What a Great System.
Please Do Not Crash.
^G^IP@P6

Similar Messages

  • Weblogic Startup Class does not run as Windows Service

    If you know the answer, plase send me an email at [email protected]
    I'm running a weblogic startup class that starts a Thread. I need to
    run a batch program that should be running as long as WebLogic is
    running (to process new orders).
    It works fine when I run WebLogic (5.1 SP8) from a script, but causes
    problem when I'm running it as a Windows Service. It calls the
    startup class, however, the startup class never spawns the Thread
    class.
    Following is excerpts from different components:
    =============================================================
    *** weblogic.properties ***
    weblogic.system.startupClass.pdfCreatorStart=WebLogicStartupPdfCreator
    *** WebLogicStartupPdfCreator.java ***
    public class WebLogicStartupPdfCreator implements T3StartupDef {
    public String startup(String name, Hashtable args) throws
    Exception {
    Thread t = new ProductionPdfBatchRunner();
    t.start();
    return "success";
    *** ProductionPdfBatchRunner.java ***
    public class ProductionPdfBatchRunner extends Thread {
    public void run() {
    try {
    //work being done here
    this.sleep(30000);
    catch (InterruptedException ie) {               
    catch(Exception e) {
    e.printStackTrace();
    =============================================================
    Thanks for any help

    Hi,
    Ok. Few suggestions.
    1. Can you review the SAP note:
    552286  Troubleshooting for the SAP Web Dispatcher
    2. When you said: "web dispatcher does not get started ", what error you got ? Can you be more details here ?
    3. Please check the trace file dev_webdisp" that generated in the work directory. If the log entries is not abvious, increase the trace level to 2 or 3, and reproduce and re-check the trace file.
    4. What is the output of the command "sapwebdisp -v"
    5. How about sapwebdisp.pfl ? Are those settings correct ?
    Hope this helps.
    Regards,
    Vincent

  • WLS 10.0 Mp1 - Weblogic startup class to initialize client's SSL channels

    Hi,
    Is it possible to use Weblogic startup class to initialize client's SSL channels?
    Any pointers are appreciated.
    Thanks in advance.

    Hey
    If possible can you explain the issue in detail.
    What do you mean by “initialize client's SSL channels”
    Regards,
    Hussain

  • RE: (forte-users) Class compatibility

    Pascal,
    Basically the way to work with objects as parameters is to ensure that
    sending and receiving parties have the same knowledge of the underlying
    classes of these objects.
    o Partitions in one application, generated at distribution time always are
    "in sync" with one another as they use the same class definitions specified
    through the supplier plan relationships of the main project
    o Applications distributed independently that exchanging objects only
    understand the common set of class definitions.
    For example, a Forte Conductor engine object is built using the standard
    Forte Framework classes. Its API specifies things like "DataValue" objects.
    Sending it a TextData is fine, sending it MyOwnTextData is not - the other
    application has no clue what that (sub)class is supposed to be as it did not
    know at the time it was built.
    This is also true in cases where applications use libraries and these are
    given objects of (sub)classes it knows nothing about.
    All of these generate serialisation errors of some sort since the flattened
    object that is sent across the wire cannot be reconstructed at the receiving
    end by lack of a blueprint (class definition) on how to create such an
    object.
    Theo de Klerk
    Architecture & Application Integration
    Professional Services
    Compaq Computer Corp. - the Netherlands
    PGP Fingerprint: 5A70 DD56 F3BA FE04 9DCA 1ACE 8581 0A2F F057 FA6E

    Theo,
    I understand all of that. Of course we make sure that all components use the
    same blueprints for all classes. However, in case we managed to get these
    blueprints out of sync, we don't want the application to simply crash. We
    want to trap this exception and print a message that says: "There seems to
    be a compatability problem between components. Please make sure the latest
    version of all application components have been installed."
    Of course we can trap all exceptions (GenericException) and ignore all of
    them after displaying them, but that seems like a blunt-axe-approach. I'm
    looking for the scalpel.
    Pascal Rottier
    Origin Nederland (BAS/West End User Computing)
    Tel. +31 (0)10-2661223
    Fax. +31 (0)10-2661199
    E-mail: Pascal.Rottiernl.origin-it.com
    ++++++++++++++++++++++++++++
    Philip Morris (Afd. MIS)
    Tel. +31 (0)164-295149
    Fax. +31 (0)164-294444
    E-mail: Rottier.Pascalpmintl.ch
    -----Original Message-----
    From: Klerk, Theo de [mailto:Theo.de.Klerkcompaq.com]
    Sent: Wednesday, October 18, 2000 5:15 PM
    To: Rottier, Pascal; 'Forte Users'
    Subject: RE: (forte-users) Class compatibility
    Pascal,
    Basically the way to work with objects as parameters is to ensure that
    sending and receiving parties have the same knowledge of the underlying
    classes of these objects.
    o Partitions in one application, generated at distribution time always are
    "in sync" with one another as they use the same class definitions specified
    through the supplier plan relationships of the main project
    o Applications distributed independently that exchanging objects only
    understand the common set of class definitions.
    For example, a Forte Conductor engine object is built using the standard
    Forte Framework classes. Its API specifies things like "DataValue" objects.
    Sending it a TextData is fine, sending it MyOwnTextData is not - the other
    application has no clue what that (sub)class is supposed to be as it did not
    know at the time it was built.
    This is also true in cases where applications use libraries and these are
    given objects of (sub)classes it knows nothing about.
    All of these generate serialisation errors of some sort since the flattened
    object that is sent across the wire cannot be reconstructed at the receiving
    end by lack of a blueprint (class definition) on how to create such an
    object.
    Theo de Klerk
    Architecture & Application Integration
    Professional Services
    Compaq Computer Corp. - the Netherlands
    PGP Fingerprint: 5A70 DD56 F3BA FE04 9DCA 1ACE 8581 0A2F F057 FA6E
    For the archives, go to: http://lists.xpedior.com/forte-users and use
    the login: forte and the password: archive. To unsubscribe, send in a new
    email the word: 'Unsubscribe' to: forte-users-requestlists.xpedior.com

  • Weblogic startup class and EAR file

    Hi,
    I am using WL 8.1.5.
    I have a weblogic starup class MyStartup that implements T3StartupDef. (it does not specify package).
    I jar-ed it. And I placed MyStartup.jar file into the MyEA.ear file. And I placed that into applications dir.
    With WL Console I defined the startup class and for the ClassName specified MyStartup.
    Yet I get the java.lang.ClassNotFoundException.
    I also have a Manifest.mf file with
    Class-Path: MyStartup.jar
    Please help me solve this problem, I literally don't know what to do next.
    MB

    Hi,
    thanks.
    This seems like a completely opposite method of the depplying startup class with weblogic console.
    Does my class still need to implement T3StartupDef?
    I get this exception. And my classnotfound is still there.
    Exception:weblogic.management.ApplicationException: startup.MyStartup
         at weblogic.management.deploy.slave.SlaveDeployer$ActivateTask.createContainer(SlaveDeployer.java:2484)
         at weblogic.management.deploy.slave.SlaveDeployer$ActivateTask.prepare(SlaveDeployer.java:2396)
         at weblogic.management.deploy.slave.SlaveDeployer.processPrepareTask(SlaveDeployer.java:883)
         at weblogic.management.deploy.slave.SlaveDeployer.prepareDelta(SlaveDeployer.java:591)
         at weblogic.management.deploy.slave.SlaveDeployer.prepareUpdate(SlaveDeployer.java:500)
         at weblogic.drs.internal.SlaveCallbackHandler$1.execute(SlaveCallbackHandler.java:25)
         at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
         at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)
    Regards,
    MB

  • Weblogic startup class (urgent)

    Hi All,
    I need a java program (weblogic startup class) which should fetch data from the database and instantiate another one class (it will be the data holder) and store that object into a webapplication context. Anyone tried this? Since its urgent any help will be appreciated.
    Thanks in advance
    Cheers,
    Pandiaraj

    Do this in the init() method of a servlet and start
    the servlet when you start your weblogic server
    second that. just give a value of 1 for <load-on-startup> in web.xml

  • Does solaris dhcp server support user class

    Does solaris dhcp server support user class(option 77). In my environment, solaris dhcp server seems just ignore this option set in the client dhcp discover.
    Does anybody can help me.

    The clients are all Windows 7 x64 (but I've replicated the problem on MacOS and Solaris clients). The server is Solaris 11 x86.
    For the problem to be the ARP cache, wouldn't the client's MAC address have to change during the reboot (i.e. the change in the client's MAC address is what causes the ARP cache to get confused, and hence the client gets blocked because of the MAC mismatch)?
    Edited by: user13534003 on May 9, 2012 1:43 AM
    Edited by: user13534003 on May 9, 2012 1:46 AM

  • Where is weblogic.Deployer class?

    Where is weblogic.Deployer class?

    Hi YE,
    weblogic.Deployer class is present in "*weblogic.jar*" which can be found in WLS_HOME/wlserver_10.3/server/lib/weblogic.jar
    Regards,
    Ravish Mody
    http://middlewaremagic.com/weblogic/
    Come, Join Us and Experience The Magic…

  • How to create a user class for the customer realm

    how can I create a User class for my custom security realm, please help me out. i am trying to access using the active directory server and iam unable to write a simple classs for this user, can anyone help me. iam a beginner, would appriciate if any one helps me.regardsbaba

    Hi Rawat,
       You Don't need to create User Exits,but you need to find user Exits.Below are list of user Exits for MB31.
    Use proper exit as per your requirement.
    Exit Name     Description
    MBCF0002     Customer function exit: Segment text in material doc. item
    MBCF0005     Material document item for goods receipt/issue slip
    MBCF0006     Customer function for WBS element
    MBCF0007     Customer function exit: Updating a reservation
    MBCF0009     Filling the storage location field
    MBCF0010     Customer exit: Create reservation BAPI_RESERVATION_CREATE1
    MBCF0011     Read from RESB and RKPF for print list in  MB26
    MB_CF001     Customer Function Exit in the Case of Updating a Mat. Doc.
    award points if ans is useful.
    Regards,
    Albert

  • Not able to start Managed server using nohup command and failed to authenticate weblogic user

    Hi,
    I stopped weblogic Admin server, managed server and opmnctl. and restarted Admin server successfully but I'm able to start managed start without nohup command. if I use nohup command then it's not able to get authenticate and faild to start managed server. I created boot.property file with weblogic user name and password still not working. is there anyother way to suppy login credentials for managed server?
    how can I supply login credentials in below command?
    nohup ./startManagedWebLogic.sh bi_server1 t3://machine:7001 > bis1_startup.log &
    Appreciate you for your help
    Thanks
    Jay.

    /app/obiee_11g/Oracle_BI1/jdk/bin/java -server -Xms256m -Xmx1024m -XX:MaxPermSize=512m -XX:-UseSSE42Intrinsics -Dweblogic.Name=bi_server1 -Djava.security.policy=/app/obiee_11g/wlserver_10.3/server/lib/weblogic.policy -Dweblogic.ProductionModeEnabled=true -Dweblogic.security.SSL.trustedCAKeyStore=/app/obiee_11g/wlserver_10.3/server/lib/cacerts -da -Dplatform.home=/app/obiee_11g/wlserver_10.3 -Dwls.home=/app/obiee_11g/wlserver_10.3/server -Dweblogic.home=/app/obiee_11g/wlserver_10.3/server -Dcommon.components.home=/app/obiee_11g/oracle_common -Djrf.version=11.1.1 -Dorg.apache.commons.logging.Log=org.apache.commons.logging.impl.Jdk14Logger -Ddomain.home=/app/obiee_11g/user_projects/domains/bifoundation_domain -Djrockit.optfile=/app/obiee_11g/oracle_common/modules/oracle.jrf_11.1.1/jrocket_optfile.txt -Doracle.server.config.dir=/app/obiee_11g/user_projects/domains/bifoundation_domain/config/fmwconfig/servers/bi_server1 -Doracle.domain.config.dir=/app/obiee_11g/user_projects/domains/bifoundation_domain/config/fmwconfig -Digf.arisidbeans.carmlloc=/app/obiee_11g/user_projects/domains/bifoundation_domain/config/fmwconfig/carml -Digf.arisidstack.home=/app/obiee_11g/user_projects/domains/bifoundation_domain/config/fmwconfig/arisidprovider -Doracle.security.jps.config=/app/obiee_11g/user_projects/domains/bifoundation_domain/config/fmwconfig/jps-config.xml -Doracle.deployed.app.dir=/app/obiee_11g/user_projects/domains/bifoundation_domain/servers/bi_server1/tmp/_WL_user -Doracle.deployed.app.ext=/- -Dweblogic.alternateTypesDirectory=/app/obiee_11g/oracle_common/modules/oracle.ossoiap_11.1.1,/app/obiee_11g/oracle_common/modules/oracle.oamprovider_11.1.1 -Djava.protocol.handler.pkgs=oracle.mds.net.protocol -Dweblogic.jdbc.remoteEnabled=false -Dbi.oracle.home=/app/obiee_11g/Oracle_BI1 -DEPM_ORACLE_HOME=/app/obiee_11g/Oracle_BI1 -Dweblogic.MaxMessageSize=50000000 -DEPM_ORACLE_HOME=/app/obiee_11g/Oracle_BI1 -DHYPERION_HOME=/app/obiee_11g/Oracle_BI1 -DEPM_ORACLE_INSTANCE=novalue -Dhyperion.home=/app/obiee_11g/Oracle_BI1 -DEPM_REG_PROPERTIES_PATH=/app/obiee_11g/user_projects/domains/bifoundation_domain/config/fmwconfig -Depm.useApplicationContextId=false -Doracle.biee.search.bisearchproperties=/app/obiee_11g/Oracle_BI1/bifoundation/jee/BISearchConfig.properties -Dweblogic.management.clearTextCredentialAccessEnabled=true -Doracle.notification.filewatching.interval=2000 -Dweblogic.security.SSL.ignoreHostnameVerification=true -Dweblogic.security.SSL.enableJSSE=true -Dfile.encoding=utf-8 -Doracle.ecsf.security.service=oracle.biee.search.security.BISearchSecurityService -Doracle.ecsf.configuration.class=oracle.biee.search.services.BISearchServiceConfiguration -Dxdo.server.config.dir=/app/obiee_11g/user_projects/domains/bifoundation_domain/config/bipublisher -DXDO_FONT_DIR=/app/obiee_11g/Oracle_BI1/common/fonts -Drtd.instanceName=RTD_bi_server1 -Dem.oracle.home=/app/obiee_11g/oracle_common -Djava.awt.headless=true -Dweblogic.management.discover=false -Dweblogic.management.server=01scqabi01.natusmed.natus.com:7001 -Dwlw.iterativeDev=false -Dwlw.testConsole=false -Dwlw.logErrorsToConsole=false -Dweblogic.ext.dirs=/app/obiee_11g/patch_wls1035/profiles/default/sysext_manifest_classpath weblogic.Server
    <Nov 17, 2013 12:24:00 AM PST> <Info> <Security> <BEA-090905> <Disabling CryptoJ JCE Provider self-integrity check for better startup performance. To enable this check, specify -Dweblogic.security.allowCryptoJDefaultJCEVerification=true>
    <Nov 17, 2013 12:24:00 AM PST> <Info> <Security> <BEA-090906> <Changing the default Random Number Generator in RSA CryptoJ from ECDRBG to FIPS186PRNG. To disable this change, specify -Dweblogic.security.allowCryptoJDefaultPRNG=true>
    <Nov 17, 2013 12:24:01 AM PST> <Info> <WebLogicServer> <BEA-000377> <Starting WebLogic Server with Java HotSpot(TM) 64-Bit Server VM Version 20.10-b01 from Sun Microsystems Inc.>
    <Nov 17, 2013 12:24:07 AM PST> <Info> <Security> <BEA-090065> <Getting boot identity from user.>
    Enter username to boot WebLogic server:Error: Failed to get value from Standard Input
    Enter password to boot WebLogic server:
    <Nov 17, 2013 12:24:07 AM PST> <Info> <Management> <BEA-141107> <Version: WebLogic Server 10.3.5.0 Fri Apr 1 20:20:06 PDT 2011 1398638 >
    <Nov 17, 2013 12:24:09 AM PST> <Error> <Configuration Management> <BEA-150021> <The admin server failed to authenticate the identity of the user starting the managed server. The reason for the error is .>
    <Nov 17, 2013 12:24:09 AM PST> <Emergency> <Management> <BEA-141151> <The admin server could not be reached at http://01scqabi01.natusmed.natus.com:7001.>
    <Nov 17, 2013 12:24:09 AM PST> <Info> <Configuration Management> <BEA-150018> <This server is being started in managed server independence mode in the absence of the admin server.>
    <Nov 17, 2013 12:24:09 AM PST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to STARTING>
    <Nov 17, 2013 12:24:09 AM PST> <Info> <WorkManager> <BEA-002900> <Initializing self-tuning thread pool>
    <Nov 17, 2013 12:24:09 AM PST> <Notice> <Log Management> <BEA-170019> <The server log file /app/obiee_11g/user_projects/domains/bifoundation_domain/servers/bi_server1/logs/bi_server1.log is opened. All server side log events will be written to this file.>
    <Nov 17, 2013 12:24:19 AM PST> <Notice> <Security> <BEA-090082> <Security initializing using security realm myrealm.>
    <Nov 17, 2013 12:24:20 AM PST> <Critical> <Security> <BEA-090403> <Authentication for user denied>
    <Nov 17, 2013 12:24:20 AM PST> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication for user denied
    weblogic.security.SecurityInitializationException: Authentication for user denied
    at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:965)
    at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1050)
    at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
    at weblogic.security.SecurityService.start(SecurityService.java:141)
    at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
    Truncated. see log file for complete stacktrace
    Caused By: javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User javax.security.auth.login.LoginException: [Security:090301]Password Not Supplied
    at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:261)
    at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
    at java.security.AccessController.doPrivileged(Native Method)
    at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    Truncated. see log file for complete stacktrace
    >
    <Nov 17, 2013 12:24:20 AM PST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
    <Nov 17, 2013 12:24:20 AM PST> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
    <Nov 17, 2013 12:24:20 AM PST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>

  • Unable to find 'weblogic' user in rpd

    Hi ,
    I have open the rpd in online mode and trying to set log level for weblogic user.
    Manage-->Identity-->Select BIRepository. Click on Action tab-->Set online filter.
    I have entered * button. By default online rpd is going to be closed. Can any one share your thoughts on it.
    Regards,
    Sri

    Hi Sri,
    First, I would like to understand the reason why you are trying to set the logging level to the weblogic user. Weblogic user is the Admin (Kind of Super Admin who has access to everything!!!! ;) and is used for managing the weblogic servers, domains etc.
    If you are using the same userid for developing reports, I think you should consider creating another userid for creating analysis only (Just like BIAnalysisAuthor) and one for BIAdmin etc..
    However, to answer the question, you should still be able to see this guy in Administration tool. From your message, I think your Admin tool is crashing here.
    May be you want to try from some other client or can set the logging level with some init block as follows.
    1. Create an session init block.
    2. Set the target as "LOGLEVEL".
    3. Write a query to initialize this variable. For ex: select "2" from dual
    Hope this helps.
    Thank you,
    Dhar

  • OBIEE 11.1.1.6 problems with weblogic user

    Hi,
    I have set my Active Directory provider access in OBIEE 11.1.1.6, it's working fine for all my users in my active directory, but I can't open my repository online or access answers with weblogic user. My control flag is optional btw.
    Anybody knows why and how to solve it?
    Great thanks

    Hello,
    Which authenticator provider is set to optional .? and which one is set to sufficient .?
    Also are you using the BISystemUser (default weblogic one) as the trusted user or have you created a user named BISystemUser in AD. ?
    Let us know how you configured .?
    Thanks,
    SVS

  • Question on Weblogic User role

    Is there a way to assign a role to the weblogic server user in such a way that the user which will only have the ability to create users/delete users/ change other users passwords and doenst have any other abilities which the
    Administrators or Monitors or Deployers or Operators or other Global roles have?
    Environment : Weblogic server 10.0
    Edited by: user734247 on Apr 7, 2011 2:08 PM

    No.
    Members of the Administrators, including the default weblogic user, have all admin abilities. You should create individual users for each user that you're allowing to access the console, rather than distributing the weblogic password. This is especially true for your administrators - each should have their own password.
    However, if you configure your security realm to use some external LDAP ( for users and passwords ), you might be able to have user accounts - within that LDAP's client software - who are restricted to an account management role as you've described for the groups used within your WL domain.

  • How to read weblogic user/password within a J2EE app ?

    All,
         There is an J2EE that exposes a webservice and the service can not be secured with ws-security since the service is an exact implementation of an standard that does not mandate  ws-secutiry and only insists on SSL/TLS. The application however needs a legitimate authenticated weblogic user for the rest of its work and hence the app has to read a known user created in the weblogic and then read its password as well and authenticate  within the app and use that authenticated subject. User can create this predefined user in weblogic and we may ask user to store the same weblogic password also in a CSF like OPSS and then have the app read the CSF, but since the password is available in the weblogic internal ldap, we want to leverage that and read the user's password using any of the weblogic mbean's APIs. Can anyone provide a pointer on how to read a user's password within the Weblogic's embedded ldap ?
         We referred to this Developing with the User and Role API - 11g Release 1 (11.1.1) & 6 Managing Security Realms with JMX but could not successfully get it working with J2EE app (Servlet/Filter).

    You can use JMX
    Please find a sample here
    List Users and Groups in Weblogic using JMX | Middleware wonders!!

  • Help solve OIM puzzle - OIM Authenticator == "weblogic user soft locked"

    Hi,
    I just completed an installation of IDAM 11g including OIM. I've done several, with different configurations, but this one is on Centos 64-bit.
    Everything seems to be working, but whenever I start the soa_server1 and oim_server1 managed server, I start seeing messages in the Adminserver stdout from <OIMAuthenticator>, saying that the weblogic user is "soft locked". If I go into OIM Admin, the 'WEBLOGIC' user is locked, and if I unlock that user in OIM Admin, the msgs from Adminserver change to "failed authentication" a few times, then I get the "soft locked" messages again.
    I've been trying to track this problem down for almost a week now. I'm "close" to understanding what might be going on, but I'm kind of at an impasse right now, so I figured I'd post what I've found thus far, and see if anyone here has any ideas.
    1) With this installation, I first installed a basic WebLogic domain, with a password (e.g., "password1").
    2) When I got to the IDAM installation, because there was a password policy, I had to use a password with upper-case in it (e.g., "Password1"), for all responses, except when it asked for the info for accessing the WebLogic Adminserver, in which case I responded with the original weblogic password (e.g., "password1").
    3) I have both the DefaultAuthenticator and the OIMAuthenticator in the security realm, with the DefaultAuthenticator at the top, above the OIMAuthenticator. Both authenticators are set to "SUFFICIENT".
    4) I think that SOMETHING is intermittently (~ every minute) trying to authenticate using the "weblogic" user, but whatever that is, it has the "wrong" password.
    5) My understanding is that normally, when OIM is installed, the 'WEBLOGIC' user is added to OIM, with an "empty" password, and I confirmed via sqlplus, that the USR_PASSWORD in the OIM USR table is indeed empty.
    6) I think that with the order that the authenticators are in, DefaultAuthenticator would attempt to authenticate, and then OIMAuthenticator would attempt to authenticate. Since both are set to SUFFICIENT, if an authentication against DefaultAuthenticator succeeds, the authentication would be considered "successful".
    Based on all of the above, it seems like whatever the process that is trying to do those authentications is, it has a password that is not "password1" (since if it was using "password1", then the DefaultAuthenticator" would successfully authenticate, and it shouldn't try the OIMAuthenticator), and then OIMAuthenticator is trying to authenticate. Since the USR_PASSWORD is empty, OIMAuthenticator would always fail authentication, and thus the "failed authentication" errors followed by the "soft locked" msgs.
    7) I've tried to track down "what" process is doing the authentications, and I believe that it is EMAGENT. The reason that I say this is that if I stop EMAGENT using opmnctl, the "soft locked" messages stop.
    8) I've tried to set the "monitoring credentials" for the "weblogic" user in EM, to match the "password1", but even after I do that, I still see the "soft locked" msgs, and if I unlock the 'WEBLOGIC' use in OIM, then I get several "failed authentication" followed by the "soft locked" msgs again.
    9) I did an experiment (I'm running this under VMware, so I was able to do a snapshot and then revert after the experiment), where I set the password for the 'WEBLOGIC' user in OIM Admin to the "Password1", and after I did that, the "soft locked" errors stopped, so I believe that whatever process is attempting to authenticate is using the "Password1" password, rather than the "password1" password.
    I also have another earlier installation, that I installed using the "normal" way, i.e., letting the config.sh create a new WL domain, and that works and I don't get these "soft locked" msgs at all. That configuration also has USR_PASSWORD empty in the OIM database USR table.
    So, the question that I have is how do I get the EMAGENT to use the "password1" password instead of the "Password1" password?
    As I mentioned above, I tried changing that in the EM monitoring credentials, but that didn't seem to fix the problem (still got "soft locked" msgs).
    Maybe I've been staring at this problem too long, and am missing something, so I hope that someone can post some suggestions.
    Thanks,
    Jim

    Hi,
    I'm afraid that I'm not doing a very good job explaining what worries me.
    Specifically, I don't understand WHY the authentication of the 'weblogic' user against the DefaultAuthenticator is failing. I know that the reason that OIM is locking the 'WEBLOGIC' user is that the DefaultAuthenticator authentication is failing, causing the attempt to authenticate against the OIMAuthenticator (which also fails because USR_PASSWORD is empty), but why is that authentication against DefaultAuthenticator failing?
    More particularly, I'd really like to find out how to change the password that whatever is trying to do that authentication is using.
    As I said, I tried changing the monitoring credentials in EM already. I think that that actually changed SOMETHING, but not everything. Before that I was seeing 3 soft locked msgs every minute. After I changed the monitoring credentials to a completely different user that I created in the WL Console (emagent_monitor, member of the Monitors group in WL Console), instead of getting 3 msgs per minute, I'm now getting 1 msg per minute.
    So, it appears that it's something else, other than the monitoring credentials, i.e., something else (I don't know what) is trying to authenticate with the 'weblogic' user, but with bad password.
    Jim

Maybe you are looking for