Oracle Weblogic (former BEA Weblogic) enforces a security model by default that is unhealthy for developers writing REST web services or other kinds of web applications using HTTP Authentication for security. By default, when sending an HTTP Authentication header, Weblogic will check its own security realms for users matching the username and password. If there [...]

[Les mer →]