Providing datasource for authentication in weblogic

Hi, I am facing a problem of authentication of user from weblogic when weblogic have mulitple datasources
My weblogic server have two data sources one is pmr and second is hr I have created two authentication providers one is using hr as data source and second is using pmr as datasource.
Now i have two applications one is pmrApp and second is hrApp.
Now I want to apply security on both application in such a way that hrApp user should be authenticated from hr datasource and pmrApp user from pmr datasource
because there will be a chance that both datasources contains two users with same user names. In this conditions weblogic should know that which user should be authenticated from which database
Please help me
Edited by: Rao on May 8, 2012 12:25 PM

apply security on both application in such a way that hrApp user should be authenticated from hr datasource and pmrApp user from pmr datasourceIt is not possible in WebLogic. The whole WLS security realm is common for all the deployed applications, so you cannot configure some application to use only some of the authentication providers. Even if you configure 2 different security realms, only one of them will be active. The only option you have is to create 2 separate WebLogic domains :(
Dimitar

Similar Messages

  • Add gridlink datasource to Multi Datasource for failover in weblogic

    We have a RAC installation for which I have configured a Gridlink datasource. Also we have a single node DB which is used as a failover database in case RAC is down.
    Now I want to configure a Multi Datasource so that I can add the Gridlink datasource as well as the Generic Datasource in the Multi Datasource and configure it for failover. But when I create the Multi Datasource, I do not see the option to add Gridlink datasource to Multidatasource.
    Can you please suggest what can be done to add the gridlink datasource to multidatasource? If this is not possible, then how can the Generic single node data source be configured as a failover datasource in case the Gridlink Datasource is down.
    Thanks in advance

    What is the problem you are trying to address? Is the issue the availability/non-availability of your RAC database? It may make sense to focus on this first.
    The normal use case for Multi Data Source is failover or load balancing between nodes of a highly available database, such as RAC which keeps data synchronised.
    I am not sure if using a Multi Data Source across Oracle RAC and a non RAC database is supported. If the intention is to provide a HA solution, you will need to have a data synchronisation solution as well. As this is what Oracle RAC does, we come back to my opening question.........
    I assume that Multi Data Sources cannot include Gridlink and non-Gridlink sources for these reasons and also because Gridlink is intended as a replacement for Multi Data Sources, providing better failover, load balancing and performance.
    Hope this is helpful
    Mark

  • Issue in configuring Datasource for Oracle DB 7 in weblogic 10.3 ( Urgent )

    Hi Gurus,
    We are trying to connect to a oracle db 7 instance from the oracle 11g SOA suite .
    I am not able to create a datasource for this DB instance .fails when getting invoked .
    <Apr 13, 2011 2:34:49 PM BST> <Error> <Console> <BEA-240003> <Console encountered the following error java.lang.NullPointerException
    at oracle.jdbc.driver.T4CConnection.connect(T4CConnection.java:1101)
    at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:303)
    at oracle.jdbc.driver.PhysicalConnection.<init>(PhysicalConnection.java:640)
    at oracle.jdbc.driver.T4CConnection.<init>(T4CConnection.java:205)
    at oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:35)
    at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:554)
    at com.bea.console.utils.jdbc.JDBCUtils.testConnection(JDBCUtils.java:505)
    at com.bea.console.actions.jdbc.datasources.createjdbcdatasource.CreateJDBCDataSource.testConnectionConfiguration(Cre
    ateJDBCDataSource.java:458)
    Any clues to fix the issue.
    I added the ojdbc14.jar to the file and modified the weblogic.xml to use the
    <container-descriptor>
    <prefer-web-inf-classes>true</prefer-web-inf-classes>
    </container-descriptor>
    but getting the exception :
    <S:Body>
    <S:Fault xmlns:ns4="http://www.w3.org/2003/05/soap-envelope">
    <faultcode>S:Server</faultcode>
    <faultstring>oracle/i18n/text/converter/CharacterConverterOGS.getInstance(I)Loracle/sql/converter/CharacterConverters;</faultstring>
    <detail>
    <ns2:exception xmlns:ns2="http://jax-ws.dev.java.net/" class="java.lang.NoSuchMethodError" note="To disable this feature, set com.sun.xml.ws.fault.SOAPFaultBuilder.disableCaptureStackTrace system property to false">
    <message>oracle/i18n/text/converter/CharacterConverterOGS.getInstance(I)Loracle/sql/converter/CharacterConverters;</message>
    <ns2:stackTrace>
    Added the orai18n-*.jar files got the following Exception :
    ORA-01010:Invalid OCI operation
    Any help.....
    Rgds
    Vamsi
    Edited by: Kewlntrendy on 13-Apr-2011 08:34
    Edited by: Kewlntrendy on 13-Apr-2011 09:27

    I doubt that Oracle 7 DB is not supported. You may consider raising a SR with support.
    Regards,
    Anuj

  • Does Weblogic server 9.2 provide support for CRL checking

    Does Weblogic server 9.2 provide support for CRL checking?

    No, but you can create a custom CertPath provider for your own implementation.
    Mike
    Weblogic/J2EE Security Blog: http://monduke.com

  • How to find table name which provide data for the DataSource

    Hi friends,
    How to find the Table name which providing data for the Business content DataSources (Master Data). Is there any table or Transation which give datasource and Table name at once.
    Thanks&Regards
    Revathi

    Hi Revathi...........
    1)If the datasource is extracting data from any table.................open the datasource using RSO2..........there u will get the table name......
    2) If the datasource is extracting data from any view.............go to RSA2..........copy the view name..........go to SE11 >> give the view name >> and check..........
    3) If Datasource is Function module based............then u hav to check in RSA2 >> give the datasource name >> execute >> there u will find the Extract structure name......Copy the Extract Structure name >> Go to SE11 >> in the Data Element field give the Extract structure name >> Display >> From the Entry Help/Check tab u can get the Table name............
    If u double click on the Extractor..............u will get the Function Module..............from there also u can check that the FM extracting data from which tables............
    For Other datasources also...........u can get the structure name from here........
    4) If the Datasources r LO datasources............then u can get the table name in LBWE.............LO extractor - goto transaction LBWE.................... Select the maintenance link for your datasource............
    here in the right hand pane.........in the drop down box, you can see the structures associated with this extractor ........ just remove the MC for the structure names to get the base table names. e.g. EKKO for MCEKKO.
    5) There is a pattern for the Extract structure name for LO datasources.............for an example..........
    DataSource 2LIS_11_VAITM ......Extract structure name is  MC11VA0ITM
    2LIS_11_VAHDR  >> MC11VA0HDR
    Hope this helps.........
    Regards,
    Debjani.......

  • XE Datasource for Weblogic 10.3?

    Am attempting to create a XE JDBC datasource for WebLogic 10.3.
    Where do I find the driver for this database?
    Are there any 'tricks' to configuring this datasource?
    THANKS - Casey

    The Oracle JDBC drivers supplied with WebLogic 10.3 are for Oracle 11 and compatible with Oracle 10. Oracle XE is a stripped down Oracle 10.2. Therefore no need to install the Oracle XE specific JDBC drivers.
    --olaf                                                                                                                                                                                                                                                                                                                                                                                                                                                   

  • Hooking LDAP with Weblogic for Authentication

    I have a lot of users in an LDAP-Directory and I would like to map this directory to a Website on my Weblogic instance.
    Now, I've added LDAP into my Security Realm in Weblogic, what do i add to the web.xml ? Is this sufficient?
    Do I need to change anyting else in my Weblogic configuration than adding OpenLDAP Support in Authentication?
    Thanks!

    HI Tim,
    Yes LDAP can be used trough SAP BP CMS (BO authentication).
    That's means all the users has to be imported into CMS and after that BPC is using for authentication BO certificate to authenticate to CMS.
    So you have also SSO.
    You don't need Active directory in this case.
    Any way BPC is still working also with Microsoft Active directory without CMS but you have to decide what kind of authentication satisfy better customer requirements.
    You can use or Microsoft Active Directory or CMS but you cannot use both in the same time.
    Kind Regards
    Sorin Radulescu

  • LDAP security authentication in weblogic sp4 (URGENT)

    We have a web application which interacts to the D/B to authenticate a user during our login process. Now we are trying to change the login to LDAP authentication. Here is the List I did on weblogic configuration correct me if this is correct or if am missing any thing.
    1. Created a Realm
    2. Created a NOVELL LDAP Authenticator (configured user, groups, members, Novell LDAP, Details)
    3. Created a X.509 certificates ????? Do I need to create this one for authentication. The only question is I am confused by these parameters and help me out in figuring out these:
    a. filter attributes = cn=$subj.cn
    b. username attribute = cn
    c. userCertificate;binary ??? ( I have a certificate idmtree.der where do I add configuration about this certificate in the console)>>>>>>>>
    d. certificate mapping : ou=user,ou=$subj.ou,o=$subj.o,c=$subj.c (IS THIS CORRECT)
    4. created a new Weblogic Default Authorizer...
    5. created a new Weblogic Default Role Mapper...
    6. created a new Weblogic Default Credential Mapper ...(Do I need to setup my certificate inside this credential mapper or not.)
    7. I made this realm as the DEFAULT realm and started the server
    I get the following exception.
    Initializing RoleMapper provider using LDIF template file C:\bea\user_projects\domains\mydomain\.\DefaultRoleMapperInit.ldift.>
    The RoleMapper provider has had its LDIF information loaded from: C:\bea\user_projects\domains\mydomain\.\DefaultRoleMapperInit.ldift>
    Initializing Authorizer provider using LDIF template file C:\bea\user_projects\domains\mydomain\.\DefaultAuthorizerInit.ldift.>
    The Authorizer provider has had its LDIF information loaded from: C:\bea\user_projects\domains\mydomain\.\DefaultAuthorizerInit.ldift>
    Loading trusted certificates from the jks keystore file C:\bea\weblogic81\server\lib\DemoTrust.jks.>
    Loading trusted certificates from the jks keystore file C:\bea\JDK142~1\jre\lib\security\cacerts.>
    Loading trusted certificates from the jks keystore file C:\bea\weblogic81\server\lib\DemoTrust.jks.>
    Loading trusted certificates from the jks keystore file C:\bea\JDK142~1\jre\lib\security\cacerts.>
    Certificate chain received from ldapidv.merc.chicago.cme.com - 10.5.19.190 was not trusted causing SSL handshake failure.>
    Server failed during initialization. Exception:weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Authentication Provider weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090294]could not get connection - with nested exception:
    [java.lang.reflect.InvocationTargetException - with target exception:
    [netscape.ldap.LDAPException: [Security:090477]Certificate chain received from ldapidv.merc.chicago.cme.com - 10.5.19.190 was not trusted causing SSL handshake failure. (91)]]
    weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Authentication Provider weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090294]could not get connection - with nested exception:
    [java.lang.reflect.InvocationTargetException - with target exception:
    [netscape.ldap.LDAPException: [Security:090477]Certificate chain received from ldapidv.merc.chicago.cme.com - 10.5.19.190 was not trusted causing SSL handshake failure. (91)]]
    at weblogic.security.service.PrincipalAuthenticator.initialize(PrincipalAuthenticator.java:205)
    at weblogic.security.service.PrincipalAuthenticator.<init>(PrincipalAuthenticator.java:262)
    at weblogic.security.service.SecurityServiceManagerDelegateImpl.doATN(SecurityServiceManagerDelegateImpl.java:581)
    at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(SecurityServiceManagerDelegateImpl.java:420)
    at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm(SecurityServiceManagerDelegateImpl.java:700)
    at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms(SecurityServiceManagerDelegateImpl.java:733)
    at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize(SecurityServiceManagerDelegateImpl.java:876)
    at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:734)
    at weblogic.t3.srvr.T3Srvr.initializeHere(T3Srvr.java:822)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:670)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:344)
    at weblogic.Server.main(Server.java:32)
    >
    ####<Apr 6, 2006 10:42:55 AM CDT> <Emergency> <WebLogicServer> <DXPCHI029398> <myserver> <main> <<WLS Kernel>> <> <BEA-000342> <Unable to initialize the server: weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Authentication Provider weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090294]could not get connection - with nested exception:
    [java.lang.reflect.InvocationTargetException - with target exception:
    [netscape.ldap.LDAPException: [Security:090477]Certificate chain received from ldapidv.merc.chicago.cme.com - 10.5.19.190 was not trusted causing SSL handshake failure. (91)]]>
    ANY HELP on this would be greatly appreciated am totally exhausted seeing these error messages from morning.
    I would like to know if I need a client for connecting to this LDAP authenticator. As am using the Novell API to access the LDAP directory. Let me know, and if so can some one provide me a snippet code.\
    Waiting for response.
    thanks in advance
    kiran

    Hi Christoper,
    Based on your description, this seems to be more of a security related question than a workshop one.
    Please post to the security newsgroup at http://forums.bea.com/bea/category.jspa?categoryID=2011
    with information on service pack installed
    Thanks
    Raj

  • Setting up LDAP for authentication to portal:default property set named "ldap

    Hi
    I am trying to implement the LDAP authentication to WebLogic Portal .Iam went
    thru the docmentation ( http://edocs.bea.com/wlp/docs40/p13ndev/users.htm#1131824).It
    mentions using the default property set named "ldap" and deploying ldapprofile.jar.My
    quenstion is:
    -Is there a way to look into the property using EBCC
    - Apart from deploying,configuring the ldapprofile.jar,do I have to do any additional
    steps in order to make my portal(say,stockportal) authenticate users from LDAP?
    -If a create my own portal,should I create a similar "ldap" property set?If so,how.
    Any suggestions/help is appreciated.Thanks
    - Mike

    Thanks Dave.
    "David Anderson" <[email protected]> wrote:
    You should be able to view the property set for LDAP through the EBCC
    if you
    have the propertysetws.jar installed in your Portal domain. This provides
    the ability for the EBCC to retrieve property set information from your
    server.
    Dave
    "mike" <[email protected]> wrote in message
    news:[email protected]...
    Hi Adrian
    Thank you for the pointers.Much appreciate it.However,one questionstill
    persists.
    What is the significance of the property set "ldap" mentioned in the
    document(http://edocs.bea.com/wlp/docs40/p13ndev/users.htm#1131824).Where
    does this property set feature vis-a-vis setting up LDAP securityrealm;does it
    mater prior to/after the setting up as mentioned in the document pointeryou just
    gave .
    Is it sufficinet that i follow the procedure to set up the LDAP oris
    there more
    to post setting,like creating a property set (similar to "ldap" orcloning
    it)
    apaprt frpom deploying ldapprofile.jar.
    Thanks.
    - Mike
    "Adrian Fletcher" <[email protected]> wrote:
    Mike,
    The documentation that covers LDAP authentication is listed under
    Weblogic
    Server rather than Weblogic Portal.
    See Configuring the LDAP Security Realm in Managing Security
    (http://e-docs.bea.com/wls/docs61////adminguide/cnfgsec.html#1071872)
    Also take a look at the FAQ - Why can't I boot WebLogic Server whenusing
    the LDAP Security Realm?
    (http://e-docs.bea.com/wls/docs61//faq/security.html#25833)
    Hope this helps,
    Sincerely,
    Adrian.
    Adrian Fletcher.
    Senior Software Engineer,
    BEA Systems, Inc.
    Boulder, CO.
    email: [email protected]
    "mike" <[email protected]> wrote in message
    news:[email protected]...
    Hi
    I am trying to implement the LDAP authentication to WebLogic Portal.Iam
    went
    thru the docmentation
    http://edocs.bea.com/wlp/docs40/p13ndev/users.htm#1131824).It
    mentions using the default property set named "ldap" and deployingldapprofile.jar.My
    quenstion is:
    -Is there a way to look into the property using EBCC
    - Apart from deploying,configuring the ldapprofile.jar,do I have
    to
    do any
    additional
    steps in order to make my portal(say,stockportal) authenticate usersfrom
    LDAP?
    -If a create my own portal,should I create a similar "ldap" propertyset?If so,how.
    Any suggestions/help is appreciated.Thanks
    - Mike

  • RDBMS Authentication in Weblogic Portal console 8.1 (SP5)

    HI,
    I have configured RDBMSBased authentication for oracle in Weblogic portal console 8.1.For Authenticating thru code,do i need to write any custom authentication for RDBMS or Is there any default authenticator?
    Regards,
    Senthil

    Hi subha,
    Thanks for ur reply.
    U meant to say that i need to create RDBMSBeased Authentication provider for oracle in the existing myRealm. This RDBMS authenticator is one of the authenticator in the Authenticator list.Am i correct?
    I have certain issues regarding this type of config:
    1)If i create a user thru program,where does it go? either embaddedLDAP or oracle database
    2)Since point base not used in production,we have to use oracle for Authentication as well as Autherization server.
    In the default configuration, user preferences are stored in point base database but it should go to oracle.
    Is it possible to redirect to oracle?
    What i had done that I have created new Realm where i configured RDBMSBased authenticator. Using this config, can i do Authentication as well as Authorization?
    Pls suggest.
    Regards,
    Senthil

  • SSL Authentication in weblogic 5.1

    Hi
    I am using SSL in my weblogic application. So that it asks for the username and
    password while startup. But now i want to mention the username and password in
    weblogic.properties file itself. So that the client need not have to provide the
    username and password. I am using weblogic server 5.1 version.
    How do i do this?
    Hope my question is clear. Please help.
    with regds
    siva

    Hi Michael
    I am using SSL in my application. So that it asks for the certificate username
    and password while startup. But now i want to mention the username and password
    in weblogic.properties file itself. So that the client need not have to provide
    the username and password everytime. I am using weblogic server 5.1 version.
    How do i do this?
    Hope my question is clear. Please help.
    with regds
    siva
    Michael Young <[email protected]> wrote:
    Hi.
    It's not 100% clear to me what you are asking for. Do you want authentication
    turned off for
    your application? That will certainly turn off prompting for authentication
    information. You
    can set your ACL for your application (in your properties file) to allow
    everyone to execute
    it. Something like:
    weblogic.allow.execute.<myApplication>=everyone
    But maybe you want some kind of silent authentication so that not everyone
    can execute your
    app? I suppose you could pass authentication info in a cookie. I really
    don't know enough
    about your application, though.
    I suggest you post this question in weblogic.developer.interest.security
    - you have a better
    chance of getting an answer there for security related questions.
    Hope this helps.
    Michael
    siva wrote:
    Hi all,
    I have the following requirements. I have an application which asksfor the authentication
    information like username and password at first. The application isrunning in
    weblogic5.1 server. Is there a way where in weblogic.properties file,i mention
    the username and password so that the application will not ask forin the browser.
    please help. It's urgent.
    with regds
    siva--
    Developer Relations Engineer
    BEA Support

  • Authentication in weblogic 5.1

    Hi all,
    I have the following requirements. I have an application which asks for the authentication
    information like username and password at first. The application is running in
    weblogic5.1 server. Is there a way where in weblogic.properties file, i mention
    the username and password so that the application will not ask for in the browser.
    please help. It's urgent.
    with regds
    siva

    Hi Michael
    I am using SSL in my application. So that it asks for the certificate username
    and password while startup. But now i want to mention the username and password
    in weblogic.properties file itself. So that the client need not have to provide
    the username and password everytime. I am using weblogic server 5.1 version.
    How do i do this?
    Hope my question is clear. Please help.
    with regds
    siva
    Michael Young <[email protected]> wrote:
    Hi.
    It's not 100% clear to me what you are asking for. Do you want authentication
    turned off for
    your application? That will certainly turn off prompting for authentication
    information. You
    can set your ACL for your application (in your properties file) to allow
    everyone to execute
    it. Something like:
    weblogic.allow.execute.<myApplication>=everyone
    But maybe you want some kind of silent authentication so that not everyone
    can execute your
    app? I suppose you could pass authentication info in a cookie. I really
    don't know enough
    about your application, though.
    I suggest you post this question in weblogic.developer.interest.security
    - you have a better
    chance of getting an answer there for security related questions.
    Hope this helps.
    Michael
    siva wrote:
    Hi all,
    I have the following requirements. I have an application which asksfor the authentication
    information like username and password at first. The application isrunning in
    weblogic5.1 server. Is there a way where in weblogic.properties file,i mention
    the username and password so that the application will not ask forin the browser.
    please help. It's urgent.
    with regds
    siva--
    Developer Relations Engineer
    BEA Support

  • Active Directory Authentication in Weblogic 8.1

    Hi,
    We want to do authentication from Microsoft Active Directory using weblogic 8.1.
    I have created a Active directory and
    configured weblogic from console to use it. But it is still not working. Your
    help with these question would be highly
    appreciated.
    1. Is there anyone in group who have tried this before. Please let me know how
    to proceed.
    2. Is there any tool by which I can get to know the different attribute asked
    for configuration in Weblogic?
    3. I am not able to login to my application after configuration. Is there any
    other way to come to know whether it is working
    or not?
    There could be plethora of reason but nothing which can come to my mind. Everything
    seems to be configured correctly. Here is
    portion of my config.xml related with authentication:
    <FileRealm Name="wl_default_file_realm"/>
    <PasswordPolicy Name="wl_default_password_policy"/>
    <Realm FileRealm="wl_default_file_realm" Name="wl_default_realm"/>
    <Security GuestDisabled="false" Name="vendavo-dev"
    PasswordPolicy="wl_default_password_policy"
    Realm="wl_default_realm" RealmSetup="true">
    <weblogic.security.providers.authentication.DefaultAuthenticator
    ControlFlag="SUFFICIENT"
    Name="Security:Name=myrealmDefaultAuthenticator" Realm="Security:Name=myrealm"/>
    <weblogic.security.providers.authentication.DefaultIdentityAsserter
    ActiveTypes="AuthenticatedUser"
    Name="Security:Name=myrealmDefaultIdentityAsserter" Realm="Security:Name=myrealm"/>
    <weblogic.security.providers.authorization.DefaultRoleMapper
    Name="Security:Name=myrealmDefaultRoleMapper" Realm="Security:Name=myrealm"/>
    <weblogic.security.providers.authorization.DefaultAuthorizer
    Name="Security:Name=myrealmDefaultAuthorizer" Realm="Security:Name=myrealm"/>
    <weblogic.security.providers.authorization.DefaultAdjudicator
    Name="Security:Name=myrealmDefaultAdjudicator" Realm="Security:Name=myrealm"/>
    <weblogic.security.providers.credentials.DefaultCredentialMapper
    Name="Security:Name=myrealmDefaultCredentialMapper" Realm="Security:Name=myrealm"/>
    <weblogic.management.security.authentication.UserLockoutManager
    Name="Security:Name=myrealmUserLockoutManager" Realm="Security:Name=myrealm"/>
    <weblogic.management.security.Realm
    Adjudicator="Security:Name=myrealmDefaultAdjudicator"
    AuthenticationProviders="Security:Name=myrealmDefaultAuthenticator|Security:Name=myrealmDefaultIdentityAsserter|Security:Name
    =myrealmADAuthenticator"
    Authorizers="Security:Name=myrealmDefaultAuthorizer"
    CredentialMappers="Security:Name=myrealmDefaultCredentialMapper"
    DefaultRealm="true" DisplayName="myrealm"
    Name="Security:Name=myrealm"
    RoleMappers="Security:Name=myrealmDefaultRoleMapper"
    UserLockoutManager="Security:Name=myrealmUserLockoutManager"/>
    <weblogic.security.providers.pk.DefaultKeyStore
    Name="Security:Name=myrealmDefaultKeyStore" Realm="Security:Name=myrealm"/>
    <weblogic.security.providers.authentication.ActiveDirectoryAuthenticator
    ControlFlag="SUFFICIENT" Credential="{3DES}hvEo4sy7g1E="
    DisplayName="ADAuthenticator" FollowReferrals="false"
    GroupBaseDN="ou=ou=Groups,dc=devdc,dc=com" Host="venper5"
    Name="Security:Name=myrealmADAuthenticator"
    Principal="vendev" Realm="Security:Name=myrealm" UserBaseDN="ou=Users,dc=devdc,dc=com"/>
    </Security>
    First, of all is it possible to use Active Directory authentication in Weblogic
    without writing any custom code. If yes, how?
    Thanks in advance,
    Amit Tyagi

    Amit,
    We have successfully used WLS 8.1 sp1 with AD - but not without our share of ups
    and downs though.
    |
    |
    1) First, make sure you are sending right LDAP queries to AD. To verify this,
    we used free 3rd party LDAP browser from Softerra. There is also java based free
    browser from Univ of Michigan. Personally, I like Softerra's LDAP browser better.
    Play with your LDAP settings using this and make sure AD is returning the right
    data.
    |
    2) AD has some default settings that makes it return only the top 1000 users.
    Use ntdsutil.exe to modify these default settings
    |
    3) AD needs to have the right set of users and groups. To configure this, refer
    to WLS docs. This is very well documented in WLS docs. Also refer to this article
    http://dev2dev.bea.com/products/wlportal/whitepapers/wlp70_MSADS.jsp as additional
    reference
    |
    4) Also, there are some bugs with 8.1 portal sp1 and AD. It cannot take more than
    one Authentication provider. sp2 is supposed to have fixed it. For sp1 we used
    another product AD/AM (AD in Application Mode) in combination with MIIS server.
    But if you are using sp2, you shouldn't be worry about this.
    |
    5) In your providers, you might want to get rid of the DefaultAuthentication provider,
    once you are able to establish a connection with your ActiveDirectoryAuthentication
    provider. The DefaultAuthentication provider causes some problems and does not
    let ActiveDirectoryAuthentication provider to behave properly. We haven't fully
    investgated the root of this prob. When we deleted DefaultAuthentication provider,
    everything worked normally - so we didn't really care that much :-)
    |
    6) Make sure you have your JAAS options set to OPTIONAL initially and make sure
    your are able to authenticate talk to your AD.
    |
    These are the ones I could think of. Hope this helps..
    Regards,
    Anant
    "Amit" <[email protected]> wrote:
    >
    Hi,
    We want to do authentication from Microsoft Active Directory using weblogic
    8.1.
    I have created a Active directory and
    configured weblogic from console to use it. But it is still not working.
    Your
    help with these question would be highly
    appreciated.
    1. Is there anyone in group who have tried this before. Please let me
    know how
    to proceed.
    2. Is there any tool by which I can get to know the different attribute
    asked
    for configuration in Weblogic?
    3. I am not able to login to my application after configuration. Is there
    any
    other way to come to know whether it is working
    or not?
    There could be plethora of reason but nothing which can come to my mind.
    Everything
    seems to be configured correctly. Here is
    portion of my config.xml related with authentication:
    <FileRealm Name="wl_default_file_realm"/>
    <PasswordPolicy Name="wl_default_password_policy"/>
    <Realm FileRealm="wl_default_file_realm" Name="wl_default_realm"/>
    <Security GuestDisabled="false" Name="vendavo-dev"
    PasswordPolicy="wl_default_password_policy"
    Realm="wl_default_realm" RealmSetup="true">
    <weblogic.security.providers.authentication.DefaultAuthenticator
    ControlFlag="SUFFICIENT"
    Name="Security:Name=myrealmDefaultAuthenticator" Realm="Security:Name=myrealm"/>
    <weblogic.security.providers.authentication.DefaultIdentityAsserter
    ActiveTypes="AuthenticatedUser"
    Name="Security:Name=myrealmDefaultIdentityAsserter" Realm="Security:Name=myrealm"/>
    <weblogic.security.providers.authorization.DefaultRoleMapper
    Name="Security:Name=myrealmDefaultRoleMapper" Realm="Security:Name=myrealm"/>
    <weblogic.security.providers.authorization.DefaultAuthorizer
    Name="Security:Name=myrealmDefaultAuthorizer" Realm="Security:Name=myrealm"/>
    <weblogic.security.providers.authorization.DefaultAdjudicator
    Name="Security:Name=myrealmDefaultAdjudicator" Realm="Security:Name=myrealm"/>
    <weblogic.security.providers.credentials.DefaultCredentialMapper
    Name="Security:Name=myrealmDefaultCredentialMapper" Realm="Security:Name=myrealm"/>
    <weblogic.management.security.authentication.UserLockoutManager
    Name="Security:Name=myrealmUserLockoutManager" Realm="Security:Name=myrealm"/>
    <weblogic.management.security.Realm
    Adjudicator="Security:Name=myrealmDefaultAdjudicator"
    AuthenticationProviders="Security:Name=myrealmDefaultAuthenticator|Security:Name=myrealmDefaultIdentityAsserter|Security:Name
    =myrealmADAuthenticator"
    Authorizers="Security:Name=myrealmDefaultAuthorizer"
    CredentialMappers="Security:Name=myrealmDefaultCredentialMapper"
    DefaultRealm="true" DisplayName="myrealm"
    Name="Security:Name=myrealm"
    RoleMappers="Security:Name=myrealmDefaultRoleMapper"
    UserLockoutManager="Security:Name=myrealmUserLockoutManager"/>
    <weblogic.security.providers.pk.DefaultKeyStore
    Name="Security:Name=myrealmDefaultKeyStore" Realm="Security:Name=myrealm"/>
    <weblogic.security.providers.authentication.ActiveDirectoryAuthenticator
    ControlFlag="SUFFICIENT" Credential="{3DES}hvEo4sy7g1E="
    DisplayName="ADAuthenticator" FollowReferrals="false"
    GroupBaseDN="ou=ou=Groups,dc=devdc,dc=com" Host="venper5"
    Name="Security:Name=myrealmADAuthenticator"
    Principal="vendev" Realm="Security:Name=myrealm" UserBaseDN="ou=Users,dc=devdc,dc=com"/>
    </Security>
    First, of all is it possible to use Active Directory authentication in
    Weblogic
    without writing any custom code. If yes, how?
    Thanks in advance,
    Amit Tyagi

  • Authentication in weblogic portal server 8.1 sp2 using external LDAP

    Hi,
    I am trying to use external LDAP for authentication.
    I have configured the ActiveDirectoryAuthenticator giving the necessary
    values
    ( and added
    "-Dcom.bea.p13n.usermgmt.AuthenticationProviderName=ActiveDirectoryAuthentic
    ator" in startWeblgoic.cmd )
    and can see the users and the groups from my LDAP provider in the admin
    console and in the admin portal's "users and groups".
    A set of users are given permission to access the restricted site and those
    users are visible in the global role with the permission.
    The web.xml is configured for BASIC auth-method, and the role is
    <externally-defined/> in weblogic.xml.
    Now when I access a restricted page, I am shown a dialog prompt to key in
    the username and password.
    Even when I key in the valid credentials, the restricted page is not shown
    and an "Unauthorized xxx" 401 access error is thrown.
    Any clue, on what i am missing.?
    Please let me know if any suggestion / idea.
    Regards,
    Arun.

    Assuming your application is a WebLogic Portal application, then yes you would definitely need to install WLP 8.1. WLP version 8.1 is the only version of WLP that will run on WLS/WLW version 8.1.
    In order to obtain the product installer, you'll need to contact Oracle Support and file a request. It is not available for download from any Oracle public site. Only version 10.3 is available for download.
    Brad

  • DataSource for Replicated Database

    Hi, first, of all, I don't know if this forum is the right place to post my question, so sorry for bothering you!
    I'm working in a project where I'm thinking about using two Oracle databases one replicating the other. I read somewhere that this using Multimaster Replication is a good way to obtain more availability. But I don't know how to create a DataSource in OC4J that can use both databases and choose the one that's not down. If I were using Weblogic, I could create a connection pool for each database, and then create a MultiPool that uses the already created pools.
    I don't know if I miss something in the documentation of Multimaster Replication, but I don't see how to create a single point of access for the Replicated databases, and neither how to create a DataSource for OC4J that can access more than one database. I'm totally new in Oracle world! Perhaps it isn't the better way to obtain more availabilty, perhaps I need to use a third component to provide a single point of access for the databases. I really don't know!
    Thanks in advance,
    RGB

    Roberto,
    Multi-master replication is for distributed datbase. The best thing to have a better database availability is 9i Real Application Cluster.
    Please follow http://otn.oracle.com/products/oracle9i/content.html to read more about RAC.
    regards
    Debu

Maybe you are looking for

  • Creating a Macro with Adobe Acrobat X v.10.0.0 HELP!

    Hello, I am new to Adobe and was wondering if there is a way to create a macro for my situation. I am recording voting decisions from a pdf into an excel spreadsheet. I need to go through multiple pdf files and find the pages where votes have taken p

  • Garageband has detected a midi timeout

    Garageband takes a long, long time to open and then when it does, I get this error message about midi timeout.  Garageband eventually does open, but it says that there are no Apple loops installed.  What's going on?

  • Block direct logon to satellite system

    Dear friends,    I am working with Sol Man 4.0 SP12. I have connected R/3 with Sol Man. The user ID has been created in Sol Man As well as in R/3. (In both the systems the user ID is same) Now the user can logon to R/3 system via Sol Man (T-RFC role

  • Portal consultant

    Hi, I have implemented ESS & MSS in EP6.0. I have modified some ESS services in R/3 SAP4.7 and created IACs in Portal and it is working fine.For MSS services i implemented the std services and hence no customization needed.I know BSP programming and

  • GUI for Symbian OS

    Hi; Do we have any solution for Nokia E51, (S60) Thanks Anand