Enable or disable the "Reject if Password Contains the User Name Reversed" setting.
(1) enabled/disabled
(1) via the Administration Console, Security Realm > Name of the active Realm > Providers > Password Validation > System Password Validator > Provider Specific > Reject if Password Contains the user Name Reversed field
link down to section 5.8.1, Table 5-7
Oracle Fusion Middleware: Securing Oracle WebLogic Server, 11g Release 1 (10.3.1)
Oracle
2009-05-01
10.3.1
Prose(pdf)