Resolving Access to sensitive attribute in clear text is not allowed in Weblogic

Oracle Weblogic Server

Trying to set the Credential attribute inside Domain > Security > Advanced as described in Enabling Global Trust Between WebLogic Server Domains causes the following message:

Access to sensitive attribute in clear text is not allowed due to the setting of ClearTextCredentialAccessEnabled attribute in SecurityConfigurationMBean.

The reason behind this message is that the flag -Dlog4j.configuration=log4j.xml has been set in the WebLogic Server startup options.

Adding this parameter causes the Admin Console’s own not to be loaded. Then, the log level in Admin Console is changed to DEBUG.

When the log level is set to DEBUG, the admin sever logs any changes to a datasource’s attributes, including the username, password and url etc. This is the reason why the credentials are requested as Clear Text.

Please do following to get rid of the error:

Check Domain > Security > Clear Text Credential Access Enabled. Setting this option may result a security risk.

Remove -Dlog4j.configuration=log4j.xml flag in server startup and configure Log4j at the application level.

Change the log level to something less than DEBUG. Generally, setting the log to debug should only be necessary while a problem is actively being diagnosed and resolved.

Debug messages can be extremely verbose. Thus, once the need to debug is past, turning off debug is recommended to avoid the excessive logging it can cause and also to avoid the issue here.

In case of any ┬ęCopyright or missing credits issue please check CopyRights page for faster resolutions.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.