CCE-17254-4| Platform: weblogicserver11g | Date: (C)2011-10-07 (M)2012-11-12 |
Enable or disable the "Reject if Password Contains the User Name" attribute as appropriate.
Parameter:
(1) enabled/disabled
Technical Mechanism:
(1) via the Administration Console, Security Realm > Name of the active Realm > Providers > Password Validation > System Password Validator > Provider Specific > User Name Policies section
References:
| Resource Id | Reference |
|---|
| Securing Oracle WebLogic Server 11g Release 1 (10.3.1) | link down to section 5.8.1, Table 5-7 |
