Covering J2EE Security and WebLogic Topics


Since this is my first post, it seems like a good time to give you an overview of what you’ll find here.

I intend to focus on J2EE application security topics in general and WebLogic security in particular. I’ll also occasionally cover non-security related aspects of the WebLogic stack. The majority of the posts will be technical but I’ll sometimes throw in Executive Summaries on certain topics to make sure that we’re all on the same page. I hope these posts will be especially helpful for developers who are dealing with security issues for the first time. In fact, my first “real” post, Monty Python Teaches Application Security, will be one of these overviews.

Hopefully, a like-minded community will grow around this blog so that we can learn from each other. Feel free to comment profusely and set me straight when I need it.

About Me

I’ve worked with Java since 1998 and J2EE since 2001. WebLogic has been my primary platform for J2EE development since 2002 and, through a twist of fate, I’ve dealt with application security since then, too.

I can be reached via email at mike at

Thanks for reading,

Mike Fleming