This post is very basic troubleshooting in WebLogic Server and your starting point should be Log files . For more information on logs in WebLogic Server (Admin & Managed Server Logs) here  

Issue : On login to WebLogic Console with correct credentials, you get message “username/password is not correct please try again”

Reason : User Account is locked and message on screen is misleading.

Recently my Development team contacted me with error that they can’t login to WebLogic Admin Server (/console) even with correct username/password. I tested this and faced similar issue (Your username and password are not correct please try again) .

   On checking Admin Server Logs at $MW_HOME/ user_projects/ domains/ [domain_name]/ servers/ [AdminServer]/ logs/[AdminServer].log  I found below entry

_______________________

 ####<12-Sep-2009 09:17:52 o’clock GMT> <Notice> <Security> <focusthread.com> <AdminServer> <[ACTIVE] ExecuteThread: ’17′ for queue: ‘weblogic.kernel.Default (self-tuning)’> <<anonymous>> <> <> <1260962272097> <BEA-090078> <User weblogic in security realm myrealm has had 5 invalid login attempts, locking account for 30 minutes.>

####<12-Sep-2009 09:47:52 o’clock GMT> <Info> <Security> <focusthread.com> <AdminServer> <[ACTIVE] ExecuteThread: ’16′ for queue: ‘weblogic.kernel.Default (self-tuning)’> <<anonymous>> <> <> <1260966764623> <BEA-090067> <User lockout expired, unlocking user weblogic in security realm myrealm.>

______________________
 Account Lockout is default behaviour in WebLogic Server which locks user account for 30 minutes after 5 failed attempts (This is default policy defined in default realm “myrealm” check image below).  

.
You have following options :
1)
Disable lockout policy
2) Increase Lockout Threshold
3) Decrease Lockout Duration
4)User external LDAP server (iPlanet, OID, AD) to authenticate user and use password policy defined in LDAP Server
For quick fix you can disable Lockout feature in your Security Realm (avoid this in production server)

Security Realms -> Select your realm (myrealm in my case) -> User Lockout -> uncheck Lockout Enabled

.

.

.

More on performance troubleshooting in WebLogic Server coming soon !!!

Related Posts for Learn WebLogic with Us


  1. Oracle WebLogic Installation Steps
  2. Domain , Administration & Managed Server, Cluster in Oracle WebLogic
  3. Create Domain in Oracle WebLogic
  4. Oracle WebLogic Server – Startup/Shutdown
  5. Oracle WebLogic Server 10g R3 10.3 is out now
  6. Deploy Application on Oracle WebLogic Server
  7. Cluster Architecture : Oracle WebLogic Server
  8. Start WebLogic Server on Linux on port 80, 443 <= 1024
  9. JDBC (Java DataBase Connectivity ) in Oracle WebLogic – Overview
  10. WebLogic Server JDBC for Database connection : Step by Step
  11. Security in Oracle WebLogic : Realm, Security Provider, Authentication, Authorization, Users
  12. Deploy ADF application to Oracle WebLogic Server
  13. Node Manager in Oracle WebLogic Server
  14. Configure Oracle HTTP Server infront of Oracle WebLogic Server mod_wl_ohs
  15. How to install weblogic server on 64 bit O.S. (Linux /Solaris) ?
  16. Oracle WebLogic Login Issue : Password is not correct (Password Lock Policy)
  17. Oracle WebLogic Server : Node Manager in nutshell
  18. Certification : 1Z0-108 Oracle WebLogic Server 10g System Administrator Certified Expert
  19. How to integrate WebLogic with Oracle Internet Directory for Login : Authentication
  20. opatch, adpatch and now “smart update” (BSU) to apply weblogic patches
  21. Disater Recovery documentation for Oracle WebLogic Server 11g (Fusion Middleware)
  22. Authentication Providers in #WebLogic – Oracle Access Manager Identity Assertion for Single Sign-On and OAM Authenticator
  23. Error while starting WebLogic Server : java.lang.NumberFormatException: null
  24. #WebLogic startup prompting from username password : boot.properties
  25. BEA-000286 : Failed to invoke startup class “JRF Startup Class” oracle.jrf.wls.JRFStartup
  26. WebLogic Kerberos (SSO) Authentication Issue : Error 401 Forbidden : No Configuration was registered that can handle the configuration named com. sun. security. jgss. krb5. accept
  27. How to reset Lost Oracle WebLogic Password for Fusion Middleware Applications
  28. Oracle WebLogic Server Certification : 1Z0-108 Practice Question and Dumps
  29. WebLogic Startup fails with Unable to obtain lock on Server may already be running
  30. Oracle Weblogic 12c Launch : Attend online on 1 Dec 2011
  31. Oracle WebLogic 12c (12.1.1) is now available to download
  32. How to Install WebLogic 12C (12.1.1) on Mac
  33. Oracle #WebLogic Server 12c : SE vs EE vs Suite License Options
  34. SSL in WebLogic (CA, KeyStore, Identity & Trust Store) : Things you must know – Part I
  35. SSL in WebLogic Server – Part II : Create KeyStore, generate CSR, Import CERT and configure KeyStore with WebLogic
  36. WebLogic Admin Server Start-up hanging at “Initializing self-tuning thread pool”
  37. Error in WebLogic Clustering : socket MaxMessage Size Exceeded Exception
  38. Changed or New Features in WebLogic 12.1.2
  39. WebLogic SSL configuration : Inconsistent security configuration Cannot convert identity certificate
  40. Dynamic Cluster in WebLogic 12.1.2 : New Features in WebLogic 12c
  41. Identity Propagation between two WebLogic Domains : Cross Domain Security VS Global Trust
  42. WebLogic Admin Server Start Up hangs at ‘Log Management’ BEA-170019 IIOP subsystem enabled
  43. Security:090294 could not get connection javax. net. ssl. SSLKeyException FATAL Alert BAD_CERTIFICATE – A corrupt or unuseable certificate was received
  44. WLST connecting to WebLogic Admin Server failed : Bootstrap to [IP:Port] failed. It is likely that the remote side declared peer gone on this JVM