New to Weblogic Security

I have an ORACLE database which contains a table of 100s of users and passwords with their group information. I developed a Webapplication (in Tomcat) in which one of the servlets works as authenticator for the user logging in by fetching row from the datbase and validating him.(This is a simple authentication)
Now I have switched to Weblogic platform 8.1 SP2 and am completely new to Weblogic Security. I want to use Weblogic security features for my application and the users & groups should be retrieved from the database for authentication.
How can I do this ? Any clear-cut steps ?
Where can I find them in documentation ?
Please help me...Urgent !!

I found it in
Weblogic Administration Console Home -> Summary of  Security Realms->myrealm->Providers.
Click on new Authentication provider button-> you will see 'TrustServiceIdentityAsserter' as one of the types.

Similar Messages

  • Weblogic.security.internal.SerializedSystemIniException

    While starting weblogic server, I am getting the following error,
    Exception raised:
    weblogic.security.internal.SerializedSystemIniException: Version mismatch. have
    0, expected 1
         at weblogic.security.internal.SerializedSystemIni.<init>(SerializedSystemIni.java:119)
         at weblogic.security.internal.SerializedSystemIni.getEncryptionService(SerializedSystemIni.java:208)
         at weblogic.management.internal.EncryptedData.getEncryptionService(EncryptedData.java:82)
    Can anybody give a clue in this to resolve urgently?

    It seems like your SerializedSystemIni.dat is currupted.
    Do you have SerializedSystemIni.dat and fileRealm.property from any other
    working domain?
    Please try to replace both of them and see if this fixes the problem.
    -utpal
    "Ramanan " <[email protected]> wrote in message
    news:[email protected]..
    >
    While starting weblogic server, I am getting the following error,
    Exception raised:
    weblogic.security.internal.SerializedSystemIniException: Version mismatch.have
    0, expected 1
    atweblogic.security.internal.SerializedSystemIni.<init>(SerializedSystemIni.ja
    va:119)
    atweblogic.security.internal.SerializedSystemIni.getEncryptionService(Serializ
    edSystemIni.java:208)
    atweblogic.management.internal.EncryptedData.getEncryptionService(EncryptedDat
    a.java:82)
    >
    Can anybody give a clue in this to resolve urgently?

  • Weblogic security: coping URL into other tab

    Hi,
    We have two Weblogic servers on two phisically different locations.
    First of them, WLS A, have perfect security. When you login into any application that is deployed on it, and try:
    - copy URL into another tab or browser window, you are getting returned at login page
    - when you close browser (without logout), and try to start application from history, you are getting login page, again
    So, URL that you have when you enter the application is absolutely useless. Closing the browser, or tab with application have practicaly same meaning as logout.
    Second of them, WLS B, have not that security. When you login into any application that is deployed on it, and:
    - copy URL into another tab or browser window, you are getting application without need to login! So that URL can be very dangerous, because it is possible to misuse it, if the user don't make logout
    - closing browser without logout: it is possible to find out the URL in history and go back into application without login!
    It is obvious that the problem is some setting on weblogic server. We tried to compare the settings on WLS A and WLS B but we have not found the setting that we have search for. The programmer that have found and set that property on WLS A working not more in our company.
    Can anybody help, we will be very greatful!
    Thanks,

    Hi,
    The authenticate method would take the user and the password details from the environment
    (env) that is passed and after successful authentication would populate the subject with
    the principals (i.e user, group the user belongs to ..)
    It should work with any user that is defined in the WLS not just weblogic/weblogic.
    Do you have any other users defined and which group do they belong to?
    Vimala
    Khalid Rizvi wrote:
    I am playing (learning) with weblogic.security.auth.login.UsernamePasswordLoginModule
    as a LoginModule using JAAS based authentication. Surprisingly, the only userid
    and password combination acceptable is uid=weblogic, pw=weblogic combination.
    I went through and looked at the example code under
    http://e-docs.bea.com/wls/docs70/security/cli_apps.html#1042212. I found that
    the UsernamePasswordLoginModule.login calls into
    if (url != null) {
    Environment env = new Environment();
    env.setProviderUrl(url);
    env.setSecurityPrincipal(username);
    env.setSecurityCredentials(password);
    try {
    Authenticate.authenticate(env, subject);
    Seems like UsernamePasswordLoginModule only is a router, as it instantiates an
    instance of Environemt using the userid and password and passes this Environemtn
    instance (env) to Authenticate.authenticate along with the empty Subject instance.
    I read about that the Subject instance will be filled in with Principals by the
    WL Server.
    My question is that firstly,
    1. As Authenticate.authenticate is not passed in the uid and pw, will it pick
    those from the env?
    2. Secondly, why does it only accept uid=weblogic & pw=weblogic.
    I will appreciate if some one can put me in the right direction.
    Khalid R. Rizvi
    508-641-1192
    [email protected]

  • SOAP handlers and the WebLogic Security Provider Framework

    I am new to WebLogic... I am trying to understand the Weblogic security framework in terms of how a SOAP message would be processed. Do SOAP handlers get called before the configured security providers? after being processed by the Authentication provider? after being processed by the Authorization provider? or at some other point?

    Thanks. But I have some questions about the seed:
    - where is it stored?
    - how is it encrypted?
    - is the seed regenerated periodically? or under certain circumstances?
    Regards,
    Janice Pang
    "Tom Hegadorn" <[email protected]> wrote:
    >
    >
    Hi Janice,
    If you choose to use the PrincipalValidatorImpl class in the
    weblogic.security.provider package, the sign() implementation
    will be the internal weblogic implementation. This implementation
    generates a random seed and computes a digest based on the
    random seed. I hope that helps you.
    Regards,
    Tom Hegadorn
    Sr. Developer Relations Engineer
    BEA Support
    "Janice Pang" <[email protected]> wrote:
    From the online documentations, it is said that this weblogic.security.provider.PrincipalValidatorImpl
    "signs" the authenticated principals to make sure they are not altered
    while they
    are transported on the network.
    The document also mentioned, as a suggested way to develop a customprincipal
    validation provider, to use this class and extend the capabilities of
    user and
    group classes. What kind of private information from the server isused
    for the
    signature and where is that information stored?

  • How to create default groups in Weblogic- Security Realms -- Groups

    Hi Team,
    Unfortunately I have deleted some default groups from Weblogic->Security Realms --> Groups. How to add the groups.
    Regards,
    Ravi.

    Hi Ravi,
    These are the defaults groups present inside Security Realms ,you can manually create them by
    Going inside Security Realms-->Users and Groups-->Groups-->New
    Administrators----Administrators can view and modify all resource attributes and start and stop servers-----------------------DefaultAuthenticator
    Deployers---------Deployers can view all resource attributes and deploy applications.---------------------------------------------DefaultAuthenticator
    Monitors-----------Monitors can view and modify all resource attributes and perform operations not restricted by roles.------DefaultAuthenticator
    Operators---------Operators can view and modify all resource attributes and perform server lifecycle operations.-------------DefaultAuthenticator
    Restart the Admin Server
    Regards
    FAbian

  • OWSM security for a OSB service- authenticate from weblogic security realms

    Hello,
    I have a requirement to add security to a OSB service.
    The user details are configured in weblogic security realms. lets say there are ten different users.
    I need to protect my osb service using OWSM policy & the policy should be configured to authenticate the user from realms.
    I am new to OWSM & wondering if this is possible?
    Can the experts please direct me to any docs or steps?
    Thanks
    Ganesh

    Hi,
    Thanks for the links.
    I followed the blog and configured it using oracle/wss_username_token_service_policy.
    Now my requirement is to send the username,password from proxy to business and to the BPEL. (the bpel needs this username /password & and in header)
    The issue I am facing is the proxy service is not sending the soap header details to business service.
    I dont want to make the proxy as passthrough. (ie set Process WS-Security Header to NO)
    I have to authorize on proxy level and then send the same credential details to business service?
    So the question is, how can I retrieve the header after osb process it?
    Can anyone please help me here?
    Thanks
    Ganesh

  • Weblogic security role

    Hi,
    I have a need to restrict access for certain users in WL will be OBIEE admins so they don't need access to the WL console but do need access to EM specifically coreapplication to deploy a new .rpd
    Ive tried an tire but just cant get a role to allow such specific access can any one shed some light. Any role i have created or configured allows access to em but then doesn't allow access to coreapplication from what I can see only the administrator role has the privillage.

    Chandramohan V <[email protected]> writes:
    Hai,
    I am chandramohan. I very new to Weblogic. I want some sample code for EJB Security(Basic level).There are samples in the kit and on dev2dev.bea.com
    andy

  • Weblogic.security.SecurityInitializationException: Authentication for user

    Folks,
    I've newly installed Weblogic server on my home laptop.
    I can't startup the weblogic server.
    Errors are
    Now, I know the location of the boot.properties file the server accesses, because if I delete and restart the server it asks for userid/password.
    If that file does not exists it gives the following error
    weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.
    So, I thought the best way is to RECOVER the password and tried following the steps
    1. At the command line, change directory to the domain and run the setEnv script to set the PATH and CLASSPATH.
    2. cd <domain_home>/security
    3. mv DefaultAuthenticatorInit.ldift DefaultAuthenticatorInit.ldift_BKP
    4. run java weblogic.security.utils.AdminAccount <tempadmin> <temppassword> ./
    -above command will Create a new DefaultAuthenticatorInit.ldift
    4. cd <domain_home>/servers/<AdminServer>/data/ldap
    5. mv DefaultAuthenticatormyrealmInit.initialized DefaultAuthenticatormyrealmInit.initialized_BKP
    6. Restart the Admin Server.
    7. Login with new username/password
    The question is how do I run Step 4) above? Like what is the Java home, or jar file that has the weblogic.security.utils.AdminsAccount class?
    Thanks
    Ravi

    The class "weblogic.security.utils.AdminAccount" is part of weblogic.jar
    And JAVA_HOME would be the java installation directory, for example "D:\Middleware\wls1036\jdk160_29\bin"
    So, for example, the same command can be read as
    D:\Middleware\wls1036\jdk160_29\bin\java -cp D:\Middleware\wls1036\wlserver_10.3\server\lib\weblogic.jar weblogic.security.utils.AdminAccount <tempadmin> <temppassword> .
    OR
    Another option for you is to just run setDomainEnv to set the JAVA_HOME and CLASSPATH variables for us.
    For windows open a command prompt and run,
    <domain_home>/bin/setDomainEnv.cmd
    For linux run,
    . <domain_home>/bin/setDomainEnv.sh {Remember the dot and space, ". ", at the beginning are very important for a open shell with the environment variables set}
    After running the above command, then cd <domain_home>/security (step 2)
    Now, after doing the above, you can directly run the command in step 4
    java weblogic.security.utils.AdminAccount <tempadmin> <temppassword> ./
    Arun

  • Weblogic Security Queries

    Hi All,
    My requirements are as follows:
    1) Have a central repository like the iplanet Directory server to store the information
    of users,groups etc
    2)Perform identity management to manage roles and permissions This includes the
    ability to define users, resources, and abstract concepts such as a user role
    or a group
    3)The final requirement is access management. This is the enforcement of which
    users have access to what information. It includes authentication and authorization
    mechanisms to make sure someone is who they claim to be and that they have the
    authority to get the information they requested, and access management to enforce
    the permissions
    I need to achieve these requirements for my Portal application. My queries for
    the same are as follows
    1)The default Weblogic authetication providers can be used to authenticate users
    located on iplanet Directory server.
    2)But my doubt is with the authorization provider, Role Mapper providers etc they
    seem to be tightly coupled to the embedded LDAP. In order to solve my requirements
    on 2 and 3 what are the approaches that are available.
    3)I also have tried to create a new Realm that the Iplanet authentication provider
    configured to authenticate against iPlanet LDAP and also the other default providers
    that come along with
    weblogic to do authorization checks. When I try to start my server I get the following
    errror and the server does not start.
    <Nov 28, 2003 4:58:31 PM GMT+05:30> <Critical> <Security> <BEA-090404> <User weblogic
    is not permitted to boot the server; The
    server policy may have changed in such a way that the user is no longer able to
    boot the server.Reboot the server with the administrative user account or contact
    the system administrator to update the server policy definitions.>
    The WebLogic Server did not start up properly.
    Reason: weblogic.security.SecurityInitializationException: User weblogic is not
    permitted to boot the server; The server policy
    may have changed in such a way that the user is no longer able to boot the server.Reboot
    the server with the administrative us
    er account or contact the system administrator to update the server policy definitions.
    Can anyone suggest me any ways to solve my queries and if you could provide some
    input on how to solve my requirements that will be very useful and we are WLS
    shop so the solution should be within the reach of weblogic server security

    Hi,
    This is w.r.t the same query.
    1)Where do you want your role and policy information stored? How is your role
    and policy information defined? The WLS framework is limited to WLS resources
    (ejbs,
    webapps,jdbc connection pools, etc.)
    Ans) The Roles and Policies are defined in the External LDAP.
    "Anand" <[email protected]> wrote:
    >
    Hi,
    Thanks for your replies. I have a couple of other queries which are as
    follows:
    1. How do we decouple the Embeded LDAP and connect to External LDAP Server
    for
    Authentication and Authorization( I prefer iPlanet LDAP Server)
    2. Is Portal WLS resource ? If so I want to build a Access Control List.
    3. Can you point me to any resource which guides me how to configure
    iPlanet server
    for authentication and Authorization. I am a novice. This tutorial/sample
    should
    include all necessary codes.
    "Peter" <PeterB> wrote:
    "Anand" <[email protected]> wrote in message
    news:[email protected]...
    Hi All,
    My requirements are as follows:
    1) Have a central repository like the iplanet Directory server to
    store
    the information
    of users,groups etc
    2)Perform identity management to manage roles and permissions Thisincludes the
    ability to define users, resources, and abstract concepts such as
    a
    user
    role
    or a group
    3)The final requirement is access management. This is the enforcementof
    which
    users have access to what information. It includes authentication
    and
    authorization
    mechanisms to make sure someone is who they claim to be and that theyhave
    the
    authority to get the information they requested, and access managementto
    enforce
    the permissions
    I need to achieve these requirements for my Portal application. Myqueries
    for
    the same are as follows
    1)The default Weblogic authetication providers can be used to authenticateusers
    located on iplanet Directory server.
    2)But my doubt is with the authorization provider, Role Mapper providersetc they
    seem to be tightly coupled to the embedded LDAP. In order to solvemy
    requirements
    on 2 and 3 what are the approaches that are available.The role mapper and authorization providers do store roles and policies
    in
    embedded
    ldap server.
    Where do you want your role and policy information stored? How is your
    role
    and policy
    information defined? The WLS framework is limited to WLS resources (ejbs,
    webapps,
    jdbc connection pools, etc.)
    3)I also have tried to create a new Realm that the Iplanet authenticationprovider
    configured to authenticate against iPlanet LDAP and also the otherdefault providers
    that come along with
    weblogic to do authorization checks. When I try to start my serverI get
    the following
    errror and the server does not start.
    WLS uses the server resource to determine if you can boot the server.
    There
    is a policy
    that allows users with admin or operator role. The default for thatrole
    is
    member
    of the administrators or operators group. You can change this role
    expression with
    the console.
    Therefore, check to see if your boot user is a member of the administrators
    group.
    >

  • Weblogic.security.X509 alternative in WLS 9.1

    Hi All
    We have setup IIS 5.0 with 2 way SSL for client connection. We have also configured IIS weblogic proxy for Weblogic 9.1 using iisproxy.dll. The connection between IIS and WebLogic 9.1 is HTTP based. We are trying to get the client certificate in Weblogic 9.1 using the following code
    java.security.cert.X509Certificate certs [];
    certs = (java.security.cert.X509Certificate [])
    request.getAttribute("javax.servlet.request.X509Certificate");
    However the returned certificates are NULL.
    We have also enabled Client Cert Proxy and Weblogic Plug-in in Weblogic 9.1 configuration.
    We are trying to migrate from weblogic 8 to 9.1 and our previous code was as follows
    weblogic.security.X509 [] certs = (weblogic.security.X509[])req.getAttribute("javax.net.ssl.peer_certificates");
    This code work fine with the same IIS setup. Since weblogic.security.X509 is removed in WLS 9.1 we are forced to change our code.
    Please help!
    Message was edited by:
    rmkandan

    hi
    Currently I am using
    req.getHeader("WL-Proxy-Client-Cert")
    to get the client certificate and then i do the following to get the X509 cert format
         if (pemCert != null && pemCert.length() > 0 ){
              pemCertBuff.append("-----BEGIN CERTIFICATE-----");
              pemCertBuff.append(pemCert);
              pemCertBuff.append("-----END CERTIFICATE-----");
         System.out.println("CertificateUtil:getFingerPrint: pemCertBuff --"+pemCertBuff.toString());
         X509Certificate certs = null;
         try {
              CertificateFactory cf = CertificateFactory.getInstance("X.509");
              ByteArrayInputStream bis = new ByteArrayInputStream(pemCertBuff.toString().getBytes());
              weblogic.security.PEMInputStream pemIs = new weblogic.security.PEMInputStream(bis);
              BufferedInputStream bufis = new BufferedInputStream(pemIs);
              certs = (X509Certificate)cf.generateCertificate(bufis);
         } catch (CertificateException e) {
              // TODO Auto-generated catch block
              e.printStackTrace();
         } catch (IOException e) {
              // TODO Auto-generated catch block
              e.printStackTrace();
    And I am able to get the certificate, but I need to know is there any other elegant way to get the certificate as we did using weblogic.security.X509 class?
    Please help!!
    Message was edited by:
    rmkandan

  • Weblogic Security Propagation

    Hi,
    I am trying to propagate Custom principal from thick client to WLS server 8.1 sp3. I use Authenticate.authenticate() at client side login module (jar at client side is weblogi.jar; i have my own Authentication provider at the server domain) and everything works fine. But once the user does a logout and re-login (application does not exit) the old security attribute inside the subject get propagated again not the new one.
    I don't have access to main thread which means Security.runAs is not vaiable for me.
    options i tired :
    1) subject.getPrincipals().clear; subject = null;
    2) weblogic.security.authenticatePushSubject system property, in which case, first call after login propagated the correct Subject amd from the next call onwards it went back to the old Subject.
    3) Authenticate.logout() in the logout of my LoginModule
    nothing works.
    is there any other way to ensure that old Subject is removed and new subject is pushed to the stack.
    Any known solution to this?
    thanks in advance
    Raj

    solved it.
    used SwingUtils.invokelater() at client side to make sure that login happens in event queue +
    weblogic.security.authenticatePushSubject to true +
    clearing all contexts and principals at logout
    made sure that new subject is available for further calls.
    only worry is , when bea is going to deprecate the weblogic.security.authenticatePushSubject property....
    sorry for disturbing busy minds
    thanks
    Raj

  • Weblogic.security.CipherException: Incorrect block length 256 (modulus

    Hi,
    I have a stand alone java client which runs in the weblogic 8.1 server and when I tried to connect to the external site using the weblogic's HttpsURLConnection ,its throws the below exception.
    weblogic.security.CipherException: Incorrect block length 256 (modulus length 128)
    <Info> <Security> <BEA-090511> <The following exception has occurred:
    weblogic.security.CipherException: Incorrect encrypted block
         at weblogic.security.RSApkcs1.decrypt(RSApkcs1.java:205)
         at weblogic.security.RSAMDSignature.verify(RSAMDSignature.java:89)
         at weblogic.security.X509.verifySignature(X509.java:246)
         at weblogic.security.X509.verify(X509.java:176)
         at weblogic.security.SSL.SSLCertificate.verify(SSLCertificate.java:133)
         at weblogic.security.SSL.SSLCertificate.input(SSLCertificate.java:116)
         at weblogic.security.SSL.Handshake.input(Handshake.java:121)
         at weblogic.security.SSL.SSLSocket.getHandshake(SSLSocket.java:1117)
         at weblogic.security.SSL.SSLSocket.clientInit(SSLSocket.java:432)
         at weblogic.security.SSL.SSLSocket.initialize(SSLSocket.java:276)
         at weblogic.security.SSL.SSLSocket.<init>(SSLSocket.java:222)
         at weblogic.security.SSL.SSLSocketFactory.createSocket(SSLSocketFactory.java:213)
         at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:238)
         at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:389)
         at weblogic.net.http.HttpsClient.<init>(HttpsClient.java:209)
         at weblogic.net.http.HttpClient.New(HttpClient.java:228)
         at weblogic.net.http.HttpsURLConnection.getHttpClient(HttpsURLConnection.java:246)
         at weblogic.net.http.HttpsURLConnection.connect(HttpsURLConnection.java:217)
         at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:319)
         at HttpsConnect.main(HttpsConnect.java:13)
    <Info> <SSL> <000000> <weblogic.security.AuthenticationException: Incorrect encrypted block possibly incorrect SSLServerCertificateChainFileName set for this server certificate>
    java.io.IOException: weblogic.security.AuthenticationException: Incorrect encrypted block possibly incorrect SSLServerCertificateChainFileName set for this server certificate
    at weblogic.security.SSL.SSLCertificate.verify(SSLCertificate.java:172)
    at weblogic.security.SSL.SSLCertificate.input(SSLCertificate.java:116)
    at weblogic.security.SSL.Handshake.input(Handshake.java:121)
    at weblogic.security.SSL.SSLSocket.getHandshake(SSLSocket.java:1117)
    at weblogic.security.SSL.SSLSocket.clientInit(SSLSocket.java:432)
    at weblogic.security.SSL.SSLSocket.initialize(SSLSocket.java:276)
    at weblogic.security.SSL.SSLSocket.<init>(SSLSocket.java:222)
    at weblogic.security.SSL.SSLSocketFactory.createSocket(SSLSocketFactory.java:213)
    at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:238)
    at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:389)
    at weblogic.net.http.HttpsClient.<init>(HttpsClient.java:209)
    at weblogic.net.http.HttpClient.New(HttpClient.java:228)
    at weblogic.net.http.HttpsURLConnection.getHttpClient(HttpsURLConnection.java:246)
    at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:359)
    at HttpsConnect.main(HttpsConnect.java:13)
    I verified the certifiate chain by using the weblogic's ValidateCertChain utility, and the output seems to be confusing for the intermediate site and the entity site.
    java utils.ValidateCertChain -pem inter.cerCert[0]: CN=VeriSign Class 3 International Server CA - G3,OU=Terms of use at https://www.verisign.com/r
    pa (c)10,OU=VeriSign Trust Network,O=VeriSign\, Inc.,C=US
    Certificate chain is incomplete, can't confirm the entire chain is valid
    Certificate chain appears valid
    Any pointers will be appreciated.

    This might be because Verisign has included anadditional intermediate certificate in its chain
    You can find it here
    https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR657&actp=search&viewlocale=en_US
    Contact Verisign Support, u can chat with them even...
    Let me know if you have any doubt.
    Cheers!
    Faisal
    http://www.weblogic-wonders.com

  • Weblogic.security.acl in Weblogic 6

    I came across the following in the migration documention
    (http://edocs.bea.com/wls/docs60/notes/migrate.html#1026915):
    I'm assuming that this is just a typo or wording issue but it currently
    reads "weblogic.security.acl" is deprecated? Can't be the whole package.
    Anyone else notice this?
    Deprecated APIs and Features
    The following APIs and features are deprecated in anticipation of future
    removal from the product:
    a.. weblogic.security.acl
    b.. WebLogic Events
    WebLogic Events are deprecated and should be replaced by JMS messages with
    NO_ACKNOWLEDGE or MULTICAST_NO_ACKNOWLEDGE delivery modes. See Programming
    WebLogic JMS for more information.
    c.. WebLogic HTMLKona
    d.. T3 Driver

    request.getRemoteUser() still works fine for me after I implented a custom
    Autthenication / LoginModule.
    "patrik" <[email protected]> wrote in message
    news:[email protected]..
    >
    Yes, I have. see:
    http://newsgroups.bea.com/cgi-bin/dnewsweb?cmd=article&group=weblogic.develo
    per.interest.security&item=8553&utag=
    >
    But if you've managed to get out the information from it I'd be gratefulto know
    how.
    /Patrik
    "Utpal" <[email protected]> wrote:
    Have you tried weblogic.security.Security.getCurrentSubject() ??
    -utpal

  • Weblogic security - acegi

    Hi,
    My application was using acegi security for basic authentication and now I am trying to deploy it under weblogic9.2. I am facing a problem that I need to define the users in weblogic security also to get it authenticated and so browser asks user/password twice, once for weblogic and once for acegi. Can anybody where I might be making mistake.
    My web.xml has this,
         <filter>
              <filter-name>Acegi Filter</filter-name>
              <filter-class>
                   org.acegisecurity.util.FilterToBeanProxy
              </filter-class>
              <init-param>
                   <param-name>targetClass</param-name>
                   <param-value>
                        org.acegisecurity.util.FilterChainProxy
                   </param-value>
              </init-param>
         </filter>
         <filter-mapping>
              <filter-name>Acegi Filter</filter-name>
              <url-pattern>/*</url-pattern>
         </filter-mapping>
    Please inform me about the problem,
    Best regards,
    mik

    There are some information you might be able to find in a SpringOne presentation. It contains the latest information on Spring integration with WebLogic Server, Coherence, and TopLink, respectively. It cites http://www.interface21.com/pitchfork, which contains download links.
    You might also would like to check the following link:
    http://www.oracle.com/technology/tech/java/spring/index.html
    http://www.infoq.com/news/Spring-WebLogic-EJB3
    I am not pretty sure how much it is related to your doubt, however still posting so that those link can be found by anyone browsing for Spring query
    /ed

  • Weblogic.security.cache.debug property for wls 6.1

    Hi,
    how can I set the weblogic.security.cache.debug property that worked with wls
    5.1. with the new 6.1 version ?
    Thanks a milion!

    With database concurrency, there is one instance per primary key per
    transaction.
    So if tx-1 calls pk 'Rob' and tx-2 calls pk 'Rob', they'll each have their own
    instance.
    -- Rob
    levi wrote:
    From weblogic ejb spec, it is said that for WLS 6.1 the default locking
    services is Database locking now. The container will defer locking services
    to the underlying database.
    My question is in WLS6.1, for a single row of data record stored in the
    underlying database, how many entity beans for this specific record in a
    single WebLogic container can have? I know that in WLS5.1, there's only 1
    entity bean instance for a specific record.
    If in WLS6.1 there's still only 1 entity bean instance for a data record,
    how does the container deal with the case in which multiple clients try to
    update this entity bean concurrently (and at this time the container use
    database locking service)?
    Thanks,
    Levi

Maybe you are looking for

  • I was playing a game and it froze, reset it and it now says 'no music'.  help!  (it's not attached to my computer)

    80gb iPod classic, only about 2200 songs on it.  was playing one of the preinstalled gams on the ipod while on the bus today, and it froze as it was loading.  so i did the normal thing to reset it and when it started back up it says there is 'no musi

  • Should I upgrade to Snow?

    I'm thinking in buying the Snow Leopard, but I'm having doubts about this upgrade. At this moment my Macbook pro works like a charm. Is the process of upgrading from 10.5.8 to Snow with no problems? What do I really win in upgrading? I'm a graphic De

  • How to view when a table was last used!!?

    Hi, Pls let me know where I can view when a table in the database was last utilitized i.e. any selection or manipulation was performed on it. Thanks in Advance, Abhi

  • How to invoke plsql block when press a button

    new to htmldb, let's say i have a form with some items , after i press a button, i want to invoke a plsql block, how can i do that? Cheers,

  • Copy/Paste Text from Word

    I've written a seminar on Word (Greek & English). I want this text on Director. When I copy the Word text and paste it on Director (on a text field) it changes the fonts. The problem is that, although I change the fonts on the whole text (to "Times N