Oracle WebLogic Login Issue : Password is not correct (Password Lock Policy)
This post is very basic troubleshooting in WebLogic Server and your starting point should be Log files . For more information on logs in WebLogic Server (Admin & Managed Server Logs) here
Issue : On login to WebLogic Console with correct credentials, you get message “username/password is not correct please try again”
Reason : User Account is locked and message on screen is misleading.
Recently my Development team contacted me with error that they can’t login to WebLogic Admin Server (/console) even with correct username/password. I tested this and faced similar issue (Your username and password are not correct please try again) .
On checking Admin Server Logs at $MW_HOME/ user_projects/ domains/ [domain_name]/ servers/ [AdminServer]/ logs/[AdminServer].log I found below entry
_______________________
####<12-Sep-2009 09:17:52 o’clock GMT> <Notice> <Security> <focusthread.com> <AdminServer> <[ACTIVE] ExecuteThread: ’17’ for queue: ‘weblogic.kernel.Default (self-tuning)’> <<anonymous>> <> <> <1260962272097> <BEA-090078> <User weblogic in security realm myrealm has had 5 invalid login attempts, locking account for 30 minutes.>
####<12-Sep-2009 09:47:52 o’clock GMT> <Info> <Security> <focusthread.com> <AdminServer> <[ACTIVE] ExecuteThread: ’16’ for queue: ‘weblogic.kernel.Default (self-tuning)’> <<anonymous>> <> <> <1260966764623> <BEA-090067> <User lockout expired, unlocking user weblogic in security realm myrealm.>
______________________
Account Lockout is default behaviour in WebLogic Server which locks user account for 30 minutes after 5 failed attempts (This is default policy defined in default realm “myrealm” check image below).
.
You have following options :
1) Disable lockout policy
2) Increase Lockout Threshold
3) Decrease Lockout Duration
4)User external LDAP server (iPlanet, OID, AD) to authenticate user and use password policy defined in LDAP Server
For quick fix you can disable Lockout feature in your Security Realm (avoid this in production server)
Security Realms -> Select your realm (myrealm in my case) -> User Lockout -> uncheck Lockout Enabled
.
.
.
More on performance troubleshooting in WebLogic Server coming soon !!!
Did you get a chance to download Free Interview Questions related to WebLogic? If not, download it here http://k21academy.com/weblogic-interview-question
