Technical and Product News and Insights from Rackspace
The post introduces steps to set up an SSH tunnel for Oracle® WebLogic Server (WLS) Administration Console access in version R12.2.
Before you set up the SSH tunnel, you should apply one of the following updates to Oracle E-Business Suite (EBS) Release 12.2:
After you bring EBS up-to-date, AutoConfig secures access to the Oracle WLS ports by using the WLS connection filters. At that point, the application tier nodes of the Oracle EBS instance grant WLS ports unrestricted access. The WLS Administration Console and Fusion Middleware Control need to use WLS Administration ports, which have no default trusted hosts. Therefore, this post introduces a means to give your administrators access to these tools. A secure-by-default SSH tunnel for WLS Administration access should reduce the available attack surface, control access to the ports, and protect the EBS infrastructure. The feature lets you automate the use of WLS connection filters.
Note: To use an SSH tunnel to access the Administration Console and Fusion Middleware Control through the WLS Administration ports, you need operating system access to the primary application tier node.
Perform the following steps in sequence to set up an SSH Tunnel with PuTTY® to access the WLS Administration Console:
Open a PuTTY session.
Enter the host information in the Host Name (or IP address) field, replacing <primary_admin_server> with the primary application WebLogic Administration node, where you are running the WLS Administrator.
In the left-panel, click Session and click Save.
Login to PuTTY as the application OS user to your primary administration server.
Open a web browser to access
After you set up SSH tunneling from your UNIX or Windows® client, you can securely access the WLS Administration Console and Fusion Middleware Control. Launch a browser from your client and connect to the administrative URLs.
On a Windows client, you can use either one of the following SSH executables:
Windows 10: OpenSSH
ssh from Microsoft: If you use
ssh, follow the syntax for
ssh shown in the preceding example.
plink from PuTTY: If you use
plink, use the following command:
C:\> plink.exe -N -L localhost:<WLS_admin_port>:<primary-apptier>:<WLS_admin_port> <OS_user>@<primary-apptier>
For example, if the Oracle WebLogic Server Administration port is
the OS user is
oracleuser, use the following command:
C:\> plink.exe -N -L localhost:7001:<primary-apptier>:7001 oracleuser@<primary-apptier>
SSH tunneling helps you access the WLS Administration console from a local Windows device, where EBS restricted all access to the WLS Administration server for other devices. You don’t need any additional software other than PuTTY to set up the SSH tunnel.
Use the Feedback tab to make any comments or ask questions. You can also click Sales Chat to chat now and start the conversation.