The Security page in the WebLogic Server documentation
Attributes
Attribute Label
Description
Value Constraints
Minimum Password Length
The minimum number of characters required in any domain password.
Minimum: 0
Default: 8
Configurable: yes
Readable: yes
Writable: yes
Lockout Enabled
Controls whether or not WebLogic Server tracks invalid login attempts and takes appropriate action.
Default: true
Readable: yes
Writable: yes
Lockout Threshold
Number of failed logins for a user that can be tried before that account is locked. Any subsequent attempts to access the account (even if the username/password combination is correct) cause a security exception. If a security exception occurs, the account remains locked until it is explicitly unlocked by the system administrator or another login attempt is made after the lockout duration period ends. Note that invalid login attempts must be made within a span defined by the Lockout Reset Duration attribute to count toward the value of the Lockout Thresholdattribute.
Minimum: 1
Maximum: 99999
Default: 5
Configurable: yes
Readable: yes
Writable: yes
Lockout Duration
Number of minutes that a user's account remains inaccessible after being locked in response to several invalid login attempts within the amount of time specified in the LockoutResetDurationattribute. In order to unlock a user account, you must have the unlockuser permission for the Password Policy MBean.
Minimum: 0
Maximum: 999999
Default: 30
Configurable: yes
Readable: yes
Writable: yes
Lockout Reset Duration
Number of minutes within which the invalid login attempts must happen in order for the user's account to be locked.
An account is locked if the number of invalid login attempts defined in the Lockout Thresholdattribute happens within the amount of time defined by this field.
