Category Archives: WebLogic Server

Quicktipp: WebLogic Server 12c and BEA-101104: java.net.ProtocolException

The issue ist reported newly as a Bug from Oracle…

Technology, KeyWords:

WebLogic Server 12.1.3.0.0., 10.3, Exception; java.net.ProtocolException

Error Message: <BEA-101104> <Servlet execution in servlet context…>

Problem:

We have deployed our application on weblogic (12.1.3.0.0). In the deployed application there is a (or more) link(s) which executes an application jar. The Links are not available in browser and if we check log-files of WLS-Domain, we find the following error:

####… <Error> <HTTP> <$Host> <$ManagedServer> <[ACTIVE] ExecuteThread: ’12’ for queue: ‘weblogic.kernel.Default (self-tuning)’> <<WLS Kernel>> <> <> … <BEA-101104> <Servlet execution in servlet context “ServletContext@1754863796[app:myApp module:/myModule path:null spec-version:3.0]” failed, java.net.ProtocolException: Didn’t meet stated Content-Length, wrote: ‘0’ bytes instead of stated: ‘-1’ bytes..

java.net.ProtocolException: Didn’t meet stated Content-Length, wrote: ‘0’ bytes instead of stated: ‘-1’ bytes.  at weblogic.servlet.internal.ServletOutputStreamImpl.ensureContentLength(ServletOutputStreamImpl.java:481)            at weblogic.servlet.internal.ServletResponseImpl.ensureContentLength(ServletResponseImpl.java:1549)            at  Weblogic.servlet.internal.ServletResponseImpl.send(ServletResponseImpl.java:1623)    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1582)   at weblogic.servlet.provider.ContainerSupportProviderImpl$WlsRequestExecutor.run(ContainerSupportProviderImpl.java:255)            at weblogic.work.ExecuteThread.execute(ExecuteThread.java:311)            at weblogic.work.ExecuteThread.run(ExecuteThread.java:263)

Description

Weblogic declaration from:https://docs.oracle.com/cd/E17904_01/apirefs.1111/e14397/HTTP.html

BEA-101104

Error: Servlet execution in servlet context “ctx0” failed, t1.

Description  Servlet execution in servlet context “ctx0” failed, t1.

 Cause  Unexpected error occurred while serving the request. This is not a simple client connection reset error.

Action  Check the error message for the exact cause.

 But further analysis and newly reported Bug from Oracle help to solve this issue.

More detail and Background information:  Regarding the <Error> <HTTP> … <BEA-101104> <Servlet execution in servlet context…>

There is newly the Bug-Fix (Patch 20446229) available. Perhaps help you.

Solution

The Bug is reported in the following document:

Bug 20446229 : BEA-101104 JAVA.NET.PROTOCOLEXCEPTION TRYING TO ACCESS JAVAWEBSTART RESOURCE

Please go simply to “Patches and Updates” on the Oracle Support Portal and search for patch number 20446229. The Patch is available for 10.3.6 and 12.1.3.0.0

Refernces

MOS: BEA-101104 Java.net.ProtocolException While Downloading And Executing Webstart Resource (Doc ID 1988048.1)

OFM Summer Camps V 2015: Cloud and above the cloud…

The OFM Summer Camps 2015 is finished successful (August 17th – 21st 2015 Lisbon Portugal) and Oracle Fusion Middleware community could review new capabilities of Oracle Cloud Service in different areas. More than 100 participants attended the event, learning much new stuff about new features and enhancements of Oracle Cloud Computing.

The four hands-on training were organized about the following topics:

  • Mobile and Mobile Cloud Service
  • BPM Suite 12c and Process Cloud Service
  • Hybrid Integration with Integration Cloud Service, SOA Suite Cloud Service and SOA 12c
  • Java Cloud Service
OPITZ Consulting Team in Sommer Camp 2015

OPITZ Consulting Team in Sommer Camp 2015

I try to give a short overview regarding Java Cloud technical workshop. As you know, Oracle Java Cloud Service is a part of the platform service offerings in Oracle Cloud. Powered by Oracle WebLogic Server, it provides a platform on top of Oracle’s enterprise-grade cloud infrastructure for developing and deploying new or existing Java EE applications.[1] With Java Cloud, you have an Environment to Build, Deploy, and Manage Java Enterprise Applications. Cosmin Tudor, Oracle Principal Product Manager, presented in 4 days technical workshop the different steps and capabilities of Java Cloud.

Oracle Public Cloud Strategy suggests a flexible solution that the customer can combine the private and public cloud approaches. From my point of view, the security aspects are not enough cleared in public cloud and therefore my advice regarding critical data and information is private cloud! I see an advantage that oracle can provide a stable solution regarding private cloud. We can use hybrid Oracle Cloud approach not only as PaaS and IaaS, but also DaaS and SaaS is now available in public cloud too.

Developer Cloud Service, as a Platform as a Service (PaaS) Development Environment for the Enterprise, can simplify development with an automatically provisioned development platform that supports the complete development lifecycle.

Oracle Data as a Service (DaaS) for Business allows businesses to use data as a standalone asset and connect with partner data to make smarter decisions. Oracle DaaS is a service in Oracle Cloud that offers the most variety, scale, and connectivity in the industry, including cross-channel, cross-device, and known and anonymous data. Use Oracle DaaS to drive intelligent actions for B2B and B2C organizations[2].

In order to prepare our environment in technical workshop, we worked on Database Cloud Service too. Preparing Oracle Database in the Cloud was very fast and stable and we can await Oracle Database achieve new levels of efficiency, security, and availability.

In addition, working with Weblogic 12.1.3 and its new features was very amazing, specially using Oracle Traffic Director, JCS configuration – e.g. JCS network rules configuration, and Coherence clusters. It was important that many parts of workshop’s materials can be used as PoC for different needs of customer. Our working and training present us that Oracle Java Cloud Service is a complete platform with Oracle WebLogic Server as the application container, Oracle Coherence as a caching and data grid tier, and Oracle Traffic Director as the software load balancer.

I can summarize OFM Sommer Camp 2015 as bellow: A lot of things are done, a lot of things need to be done, and a lot of new ideas are here!

Special thanks to Jürgen Kress for the excellent organization of the event!

Thanks Simon Haslam for Foto and his comment: This is the room the *real* work is being done in – Cosmin’s JCS lab!

Java Cloud Service Training – Sommer Camp 2015

Java Cloud Service Training – Sommer Camp 2015

[1] See: http://docs.oracle.com/cloud/latest/jcs_gs/index.html

[2] See: https://www.oracle.com/cloud/daas.html

See too: https://thecattlecrew.wordpress.com/2015/08/22/ofm-summer-camps-v-2015-cloud-and-above-the-cloud/

DOAG 2014 Konferenz: IT-Sicherheit und OFM: Eine Herkulesaufgabe?

Es gab am 20. Juni in Nürnberg den DOAG 2014 Konferenz. Mein Kollege Frank Burkhardt und ich haben dort einen Vortrag über „IT-Sicherheit und OFM: Eine Herkulesaufgabe?“. Hier finden Sie unser Abstract und unsere Präsentation:

Die Anforderungen, die heute an IT-Sicherheitsexperten gestellt werden, erinnern mitunter an die scheinbar unlösbaren Aufgaben des Herkules in der griechischen Sage. Doch nicht jeder Security-Spezialist ist ein IT-Muskelmann. Und allein die traditionellen IT-Sicherheitsansätze und Maßnahmen reichen nicht aus, um neue technische aber auch organisatorische Fragen zu beantworten. Welche Lösungsansätze bietet Oracle aus diesem Dilemma? Nach einer kurzen Einführung in die Problematik stellen die Referenten die Security-Konzepte von Oracle vor und richten danach einen besonderen Fokus auf Oracle WebLogic Server und Oracle Plattform Security Services (OPSS).

Diese Themen stehen dabei Mittelpunkt:

  • Herausforderungen der IT-Sicherheit in weltweit vernetzten Systeme
  • IT-Sicherheitsarchitektur und der Ansatz von Oracle
  • Oracle Fusion Middleware und Bausteine der Sicherheitstechnologie von Oracle: WLS, OAM, OID, OVD,  WebGate

Sichere Systeme: Best Practice und Erfahrungsberichte zu Authentication, Authorization, Single-Sign-On (SSO), Secure Socket Layer (SSL) und Security Assertion Markup Language (SAML)

Link zu unserer Präsentation:

https://modjorg.files.wordpress.com/2015/01/it-security_doag_20141120.pdf

IT-Security (Part 7): WebLogic Server, Roles, Role Mapping and Configuring a Role Mapping Provider

Key words: IT-Security, WebLogic Server, Authorization, authorization process, Role Mapping, Roles and  XACML Role Mapping Provider

Let’s continue with Authorization topic. We discussed about the Authorization Process and its main components such as WebLogic Security Framework and Security Provider. Now, we look at Security Provider’s subcomponents: Role Mapping and Security Policies.

The Role Mapping: Is access allowed?

Role Mapping providers help to clear, weather a user has the adequate role to access a resource? The Authorization provider can with this role information answer the “is access allowed?” question for WebLogic resources.[1]

The Role Mapping Process

Role mapping is the process whereby principals are dynamically mapped to security roles at runtime. The WebLogic Security Framework sends Request Parameter to specific Role Mapping provider that is configured for a security realm as a part of an authorization decision. Figure 1 Role Mapping Process presents how the Role Mapping providers interact with the WebLogic Security Framework to create dynamic role associations. The result is a set of roles that apply to the principals stored in a subject at a given moment.[2]

Role Mapping Process

Role Mapping Process

Figure 1 Role Mapping Process

Let’s review each part again[3]:

  • The request parameters are including information such as the subject of the request and the WebLogic resource being requested.
  • Role Mapping provider contains a list of the roles. For instance, if a security policy specifies that the requestor is permitted to a particular role, the role is added to the list of roles that are applicable to the subject.
  • As response, get WebLogic Security Framework the list of roles.
  • These roles can then be used to make authorization decisions for protected WebLogic resources, as well as for resource container and application code. I’m going to discuss about that in part 9.

Configuring a Role Mapping Provider

The XACML Role Mapping provider and DefaultRoleMapper are included by WebLogic Server. In addition, you can use a custom Role Mapping provider in your security realm too. By default, most configuration options for the XACML Role Mapping provider are already defined. However, you can set Role Mapping Deployment Enabled, which specifies whether or not this Role Mapping provider imports information from deployment descriptors for Web applications and EJBs into the security realm. This setting is enabled by default. In order to support Role Mapping Deployment Enabled, a Role Mapping provider must implement the DeployableRoleProvider SSPI. Roles are stored by the XACML Role Mapping provider in the embedded LDAP server.[4] XACML Role Mapping provider is the standard Role Mapping provider for the WebLogic Security Framework. To configure a Role Mapping provider:

  • In the Change Center of the Administration Console, click Lock & Edit
Change Center

Change Center

Figure 2 Change Center

  • In the left pane, select Security Realms and click the name of the realm you are configuring.
Domain Structure: Click Security Realms

Domain Structure: Click Security Realms

Figure 3 Domain Structure: Click Security Realms

Summary of Security Realms

Summary of Security Realms

Figure 4 Summary of Security Realms

  • Select Providers > Role Mapping. The Role Mapping Providers table lists the Role Mapping providers configured in this security realm
myrealm: Role Mapping

myrealm: Role Mapping

Figure 5 myrealm: Role Mapping

  • Click New. The Create a New Role Mapping Provider page appears.
WebLogic Server default Role Mapping Provider: XACMLRoleMapper

WebLogic Server default Role Mapping Provider: XACMLRoleMapper

Figure 6 WebLogic Server default Role Mapping Provider: XACMLRoleMapper

  • In the Name field, enter a name for the Role Mapping provider. From the Type drop-down list, select the type of the Role Mapping provider (e.g. DefaultRoleMapper or XACMLRoleMapper) and click OK.
a New Role Mapping Provider: Default_1

a New Role Mapping Provider: Default_1

Figure 7 a New Role Mapping Provider: Default_1

  • Select Providers > Role Mapping and click the name of the new Role Mapping provider to complete its configuration.

 

Role Mapping Configuration

Role Mapping Configuration

Figure 8 Role Mapping Configuration

  • Optionally, under Configuration > Provider Specific, set Role Deployment Enabled if you want to store security roles that are created when you deploy a Web application or an Enterprise JavaBean (EJB) (See Figure 8 Role Mapping Configuration).
  • Click Save to save your changes.
  • In the Change Center, click Activate Changes and then restart WebLogic Server.

XACML Role Mapping Provider

As we discussed above, a WebLogic security realm is configured by default with the XACML Role Mapping provider. It implements XACML 2.0, the standard access control policy markup language (the eXtensible Access Control Markup Language). WebLogic XACML Role Mapping Provider is saved as a .dat file und available on e.g.: $Domain-Home/XACMLRoleMapper.dat and has the following options (see Figure 8 Role Mapping Configuration):

  • Name: The name of your WebLogic XACML Role Mapping Provider.
  • Description: The description of your Weblogic XACML Role Mapping Provider.
  • Version: The version of your Weblogic XACML Role Mapping Provider.
  • Role Deployment Enabled: Returns whether this Role Mapping provider stores roles that are created while deploying a Web application or EJB.

You can see file structure on the following example: XACMLRoleMapper.dat has different User/Groups. For each User assigned particular Roles, Policies and associated resources. For example, you see description of Group and User “Administrators” below:

XACMLRoleMapper.dat: description of Group and User “Administrators”

XACMLRoleMapper.dat: description of Group and User “Administrators”

Figure 9 XACMLRoleMapper.dat: description of Group and User “Administrators”

You see a policy contains Description, Target and Rule. Each element is associated to different attributes and with this form prepared one “authorization matrix” that it helps to decide Application Server about a user or a group. Continued…

References

See too last parts of IT-Security and Oracle Fusion Middleware:

  1. http://thecattlecrew.wordpress.com/2014/02/17/it-security-weblogic-server_1/
  2. http://thecattlecrew.wordpress.com/2014/03/05/it-security-part-2-weblogic-server-and-oracle-platform-security-services-opss-2/
  3. http://thecattlecrew.wordpress.com/2014/03/14/it-security-part-3-weblogic-server-and-java-security-features/
  4. http://thecattlecrew.wordpress.com/2014/06/05/it-security-weblogic-server-and-authentication-part-4/
  5. http://thecattlecrew.wordpress.com/2014/06/22/it-security-part-5-weblogic-server-perimeter-authentication-and-identity-assertion/
  6. http://thecattlecrew.wordpress.com/2014/07/23/it-security-part-6-weblogic-server-and-authorization/

[1] Oracle® Fusion Middleware Securing Oracle WebLogic Server 11g Release 1 (10.3.6), E13707-06

[2] Oracle® Fusion Middleware Understanding Security for Oracle WebLogic Server 11g Release 1 (10.3.6), E13710-06

[3] Oracle® Fusion Middleware Understanding Security for Oracle WebLogic Server 11g Release 1 (10.3.6), E13710-06

[4] Oracle® Fusion Middleware Securing Oracle WebLogic Server 11g Release 1 (10.3.6), E13707-06

IT-Security (Part 6): WebLogic Server and Authorization

Key words: IT-Security, WebLogic Server, WebLogic Security Framework, Authorization, authorization process, Role Mapping, Roles, Adjudication Process, Security Service Provider Interfaces (SSPIs), Users, Groups, Principals and Subjects

We discussed about Authentication in Part 4 and 5[1]; now let us focus on Authorization topic. Authorization is known as access control too and is used to clear main questions such as: “What can you access?”, “Who has access to a WebLogic resource?”, “Is access allowed?” and in general “Who can do what?“ In order to guarantee integrity, confidentiality (privacy), and availability of resources, WebLogic are restricted accesses to these resources. In other words, authorization process is responsible to grant access to specific resources based on an authenticated user’s privileges.

Authorization: What can you access?

After authentication one user, it is the first question that system has to answer: “What can you access?” In this sense, WebLogic Server has to clear, which resources are available for a particular user, that will be cleared by using the user’s security role and the security policy assigned to the requested WebLogic resource. A WebLogic resource is generally understood as a structured object used to represent an underlying WebLogic Server entity, which can be protected from unauthorized access using security roles and security policies. WebLogic resource implementations are available for[2]:

  • Administrative resources
  • Application resources
  • Common Object Model (COM) resources
  • Enterprise Information System (EIS) resources
  • Enterprise JavaBean (EJB) resources
  • Java Database Connectivity (JDBC) resources
  • Java Messaging Service (JMS) resources
  • Java Naming and Directory Interface (JNDI) resources
  • Server resources
  • Web application resources
  • Web service resources
  • Work Context resources

The Authorization Process

I’m going to clear whole process in a top-down approach. First of all, we have to see what will be happen in Authorization Process? Figure 1 Authorization Process[3] shows how WebLogic Security Framework communicated with a particular Security Provider and Authorization providers respectively.

Authorization Process

Authorization Process

Figure 1 Authorization Process

If a user want to use one protected resource, then WebLogic send a request to “Resource Container” that handles the type of WebLogic resource being requested receives the request (for example, the EJB container receives the request for an EJB resource). It forwards to “WebLogic Security Framework” and its request parameters, including information such as the subject of the request and the WebLogic resource being requested. The Role Mapping providers use the request parameters to compute a list of roles to which the subject making the request is entitled and passes the list of applicable roles back to the WebLogic Security Framework. On this information will be decided about authorization: e.g. PERMIT and/or DENY. WebLogic Server provides an auditing to collect, store and distribute information about requests and outcomes. It calls Adjudication. It can happened that for Authorization is defined multiple providers. For such cases is an Adjudication provider available. The WebLogic Security Framework delegates the job of merging any conflicts in the Access Decisions rendered by the Authorization providers to the Adjudication provider. It resolves the conflicts and sends a final decision (TRUE or FALSE) to WebLogic Security Framework.[4]

WebLogic Security Framework

I have mentioned a bit about WebLogic Security Framework in Part 1 and 2[5]. Figure 2 WebLogic Security Service Architecture shows a high-level view of the WebLogic Security Framework. The framework contains interfaces, classes, and exceptions in the weblogic.security.service package. The Framework provides a simplified application programming interface (API) that can be used by security and application developers to define security services. Within that context, the WebLogic Security Framework also acts as an intermediary between the WebLogic containers (Web and EJB), the Resource containers, and the security providers[6].

WebLogic Security Framework

WebLogic Security Framework

Figure 2 WebLogic Security Service Architecture

The Security Service Provider Interfaces (SSPIs) can be used by developers and third-party vendors to develop security providers for the WebLogic Server environment[7].

Security Provider

Figure 1 Authorization Process presents Security Provider as next module that provides security services to applications to protect WebLogic resources.  A security provider consists of runtime classes and MBeans, which are created from SSPIs and/or Mbean types. Security providers are WebLogic security providers (provided with WebLogic Server) or custom security providers. You can use the security providers that are provided as part of the WebLogic Server product, purchase custom security providers from third-party security vendors, or develop your own custom security providers.

Roles

In order to complete authorization process, is Role Mapping within security provider necessary. Simple to say, a role mapper maps a valid token to a WebLogic user. Formerly that we focus on Roles, I would like to clarify a few more terms.

Users, Groups, Principals and Subjects

User is an entity that is authenticated in our security provider in last steps (See: Part 4 and 5 – Authentication Process[8]). A user can be a person or a software entity or other instances of WebLogic Server. As a result of authentication, a user is assigned an identity, or principal. A principal is an identity assigned to a user or group as a result of authentication and can consist of any number of users and groups. Principals are typically stored within subjects. Both users and groups can be used as principals by WebLogic Server.

Groups are logically ordered sets of users. Usually, group members have something in common. For example, a company may separate its IT-Department into two groups, Admins and Developers. In this form, it will be possible to define different levels of access to WebLogic resources, depending on their group membership. Managing groups is more efficient than managing large numbers of users individually. For example, an administrator can specify permissions for several users at one time by placing the users in a group, assigning the group to a security role, and then associating the security role with a WebLogic resource via a security policy. All user names and groups must be unique within a security realm[9].

Security Roles

Role is a dynamically computed privilege that is granted to users or groups based on specific conditions. The difference between groups and roles is that a group is a static identity that a server administrator assigns, while membership in a role is dynamically calculated based on data such as user name, group membership, or the time of day. Security roles are granted to individual users or to groups, and multiple roles can be used to create security policies for a WebLogic resource. A security role is a privilege granted to users or groups based on specific conditions[10].

Like groups, security roles allow you to restrict access to WebLogic resources for several users at once. However, unlike groups, security roles[11]:

  • Are computed and granted to users or groups dynamically, based on conditions such as user name, group membership, or the time of day.
  • Can be scoped to specific WebLogic resources within a single application in a WebLogic Server domain (unlike groups, which are always scoped to an entire WebLogic Server domain).

Granting a security role to a user or a group confers the defined access privileges to that user or group, as long as the user or group is “in” the security role. Multiple users or groups can be granted a single security role. It can be summarized as follows:

Groups are static and defined on Domain level (coarse granularity) and Roles are dynamic and defined on Resource level (fine granularity). Continued…

See too last parts of IT-Security and Oracle Fusion Middleware:

  1. http://thecattlecrew.wordpress.com/2014/02/17/it-security-weblogic-server_1/
  2. http://thecattlecrew.wordpress.com/2014/03/05/it-security-part-2-weblogic-server-and-oracle-platform-security-services-opss-2/
  3. http://thecattlecrew.wordpress.com/2014/03/14/it-security-part-3-weblogic-server-and-java-security-features/
  4. http://thecattlecrew.wordpress.com/2014/06/05/it-security-weblogic-server-and-authentication-part-4/
  5. http://thecattlecrew.wordpress.com/2014/06/22/it-security-part-5-weblogic-server-perimeter-authentication-and-identity-assertion/

 

[1] See: http://thecattlecrew.wordpress.com/2014/06/05/it-security-weblogic-server-and-authentication-part-4/

and http://thecattlecrew.wordpress.com/2014/06/22/it-security-part-5-weblogic-server-perimeter-authentication-and-identity-assertion/

[2] Oracle® Fusion Middleware Understanding Security for Oracle WebLogic Server, 11g Release 1 (10.3.6), E13710-06

[3] Oracle® Fusion Middleware Securing Oracle WebLogic Server 11g Release 1 (10.3.6), E13707-06

[4] Oracle® Fusion Middleware Securing Oracle WebLogic Server 11g Release 1 (10.3.6), E13707-06

[5] See: http://thecattlecrew.wordpress.com/2014/02/17/it-security-weblogic-server_1/

and http://thecattlecrew.wordpress.com/2014/03/05/it-security-part-2-weblogic-server-and-oracle-platform-security-services-opss-2/

[6] See: http://docs.oracle.com/cd/E24329_01/web.1211/e24484/archtect.htm

[7] See: http://docs.oracle.com/cd/E24329_01/web.1211/e24446/security.htm#autoId3

[8] See: http://thecattlecrew.wordpress.com/2014/06/05/it-security-weblogic-server-and-authentication-part-4/

and http://thecattlecrew.wordpress.com/2014/06/22/it-security-part-5-weblogic-server-perimeter-authentication-and-identity-assertion/

[9] See: http://docs.oracle.com/cd/E28280_01/apirefs.1111/e13952/taskhelp/security/ManageUsersAndGroups.html

[10] See: http://docs.oracle.com/cd/E13222_01/wls/docs81/secwlres/secroles.html

[11] See: http://docs.oracle.com/cd/E13222_01/wls/docs90/secintro/realm_chap.html

IT-Security: Part 1 to 5 as PDF file

Key words:IT-Security, Security Challenges, OPSS Architecture, WebLogic Server, JAAS, JAAS LoginModules, Authentication, Basic Authentication, Certificate Authentication, Digest Authentication, perimeter Authentication and Identity Assertion

Until now I have published five parts of a series of articles on IT-Security and Oracle Fusion Middleware:

  1. http://thecattlecrew.wordpress.com/2014/02/17/it-security-weblogic-server_1/
  2. http://thecattlecrew.wordpress.com/2014/03/05/it-security-part-2-weblogic-server-and-oracle-platform-security-services-opss-2/
  3. http://thecattlecrew.wordpress.com/2014/03/14/it-security-part-3-weblogic-server-and-java-security-features/
  4. http://thecattlecrew.wordpress.com/2014/06/05/it-security-weblogic-server-and-authentication-part-4/
  5. http://thecattlecrew.wordpress.com/2014/06/22/it-security-part-5-weblogic-server-perimeter-authentication-and-identity-assertion/

I’m going to continue the IT-Security’s articles and you can access to complete first five parts as PDF-file here:

WebLogic-Server_IT_Security_1til5

Orchestrierung der IT-Sicherheit: Wie sieht es mit der Oracle Fusion Middleware aus?

Es gab am 06. März 2014 in Hochschule für angewandte Wissenschaften München den DOAG Regionaltreffen München/Südbayern. Ich habe  dort einen Vortrag über „Orchestrierung der IT-Sicherheit: Wie sieht es mit der Oracle Fusion Middleware aus?“  gehalten. Hier finden Sie mein Abstract und meine Präsentation:
Orchestrierung ist eine riesige Symphonie verschiedenster Komponenten im IT-Bereich. Die Orchestrierung der IT-Sicherheit ist daher mehr als nur eine klassische administrative Aufgabe, die auf Netzwerkebene zu realisieren ist. IT-Sicherheit ist eine Herausforderung im Zeitalter des Cloud Computing, der veränderten Herausforderungen in einer verteilten, heterogenen und noch mehr komplexen IT-Welt.
In diesem Vortrag wird gezeigt, dass allein die traditionellen IT-Sicherheitsansätze und Maßnahmen nicht ausreichen, um neue technische aber auch organisatorische Fragen zu beantworten. Nach einer kurzen Einführung in die Problematik  werden Lösungsansätze von Oracle vorgestellt. Ein besonderer Fokus wird dabei auf Oracle WebLogic Server und Oracle Plattform Security Services (OPSS) gelegt.

Orchestrator_Security_V2.3_Kurz