Siteminder authentication provider ,weblogic 8.1 startup error

I am trying to configure weblogic 8.1 with netegrity siteminder Application server agent.After configuring siteminder idertity asserter and Authentication provider on weblogic ,when i restarted my weblogic server it failed to start with java.lang.noSuchField :m_failOverThreshold at netegrity.SiteMinder.javaAgent.AgentAPI.javaagent_API_getconfig
I will be really thankful if any one can help me out?

Similar Messages

WebLogic 6.1 Startup error

I am getting this error when starting my system.
####<Nov 2, 2006 11:52:34 AM CST> <Emergency> <Server> <kc1devpsft1> <PIA> <main> <system> <> <000000> <Unable to initialize the server: 'Fatal initialization exception
Throwable: java.lang.ExceptionInInitializerError
java.lang.ExceptionInInitializerError: java.lang.NullPointerException
     at weblogic.management.internal.LocalDeploymentInfoManager.isInternalApplication(LocalDeploymentInfoManager.java:209)
     at weblogic.management.internal.LocalDeploymentInfoManager.readDeploymentFile(LocalDeploymentInfoManager.java:109)
     at weblogic.management.internal.LocalDeploymentInfoManager.<clinit>(LocalDeploymentInfoManager.java:66)
     at weblogic.management.mbeans.custom.ApplicationManager.cleanUpTempDir(ApplicationManager.java:685)
     at weblogic.management.mbeans.custom.ApplicationManager.createOrCleanupTempDir(ApplicationManager.java:664)
     at weblogic.management.mbeans.custom.ApplicationManager.startConfigManager(ApplicationManager.java:308)
     at weblogic.management.mbeans.custom.ApplicationManager.start(ApplicationManager.java:164)
     at java.lang.reflect.Method.invoke(Native Method)
     at weblogic.management.internal.DynamicMBeanImpl.invokeLocally(DynamicMBeanImpl.java:636)
     at weblogic.management.internal.DynamicMBeanImpl.invoke(DynamicMBeanImpl.java:621)
     at weblogic.management.internal.ConfigurationMBeanImpl.invoke(ConfigurationMBeanImpl.java:374)
     at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1557)
     at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1525)
     at weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:468)
     at weblogic.management.internal.MBeanProxy.invoke(MBeanProxy.java:209)
     at $Proxy39.start(Unknown Source)
     at weblogic.management.configuration.ApplicationManagerMBean_CachingStub.start(ApplicationManagerMBean_CachingStub.java:480)
     at weblogic.management.Admin.startApplicationManager(Admin.java:1309)
     at weblogic.management.Admin.finish(Admin.java:649)
     at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java:542)
     at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:213)
     at weblogic.Server.main(Server.java:35)
'>
Any ideas where I can start to look?

Thanks, I stared at that for ages!!
"Sree Bodapati" <[email protected]> wrote:
check url, it should be
URL="jdbc:weblogic:mssqlserver4"
hth
sree
"Paul Clements" <[email protected]> wrote in message
news:3c160d53$[email protected]..
Hi,
I get the following error when I start webLogic 6.1
<error><jdbc><cannot startup connection pool "SQLServerPool" String
index
out
of range: -1>
My config.xml (JDBC part) file looks like this
<JDBCConnectionPool
DriverName="weblogic.jdbc.mssqlserver4.Driver"
InitialCapacity="1"
LoginDelaySeconds="1"
MaxCapacity="5"
Name="SQLServerPool"
Properties="user=clemo;password=clemo;server=sdas@laptopkzapz"
Targets="myserver"
URL="weblogic:jdbc:mssqlserver4"/>
When I run the following command:
java utils.dbping MSSQLSERVER4 clemo clemo sdas@laptopkzapz
the output says everything is correct.
Hence I am totally confused why I am getting the error on startup, any
pointers
would be greatly appreciated.
Regards
Paul Clements

SiteMinder Authentication Realm has NOT been correctly configured and...

Hi All,
When I set the realm (associated with the authentication provider) as UNPROTECTED, I see the following in my AUWebAgent.log (authentication web agent log):
[31 Aug 2006 16:19:07,050] [main] [INFO] Configuration: Support for TP cookies is : ENABLED.
[31 Aug 2006 16:19:07,050] [main] [INFO] Configuration: DefaultAgentName: bppttest.micron.com.
[31 Aug 2006 16:19:07,051] [main] [INFO] Configuration: FilterDomainName: DISABLED
[31 Aug 2006 16:19:07,051] [main] [DEBUG] Creating caches ..
[31 Aug 2006 16:19:07,051] [main] [DEBUG] Configuration: No Cache Timeout specified. Default is 600 seconds
[31 Aug 2006 16:19:07,051] [main] [DEBUG] Configuration: No Resource Cache Size specified. Default is: 0
[31 Aug 2006 16:19:07,051] [main] [DEBUG] Configuration: No Authentication Cache Size specified. Default is: 0
[31 Aug 2006 16:19:07,051] [main] [DEBUG] Configuration: No Authorization Cache size specified. Default is: 0
[31 Aug 2006 16:19:07,051] [main] [DEBUG] Configuration: Auditing is DISABLED
[31 Aug 2006 16:19:07,051] [main] [DEBUG] Configuration: Caching for anonymous users is DISABLED
[31 Aug 2006 16:19:07,053] [main] [DEBUG] The SiteMinder Resource Manager is checking if resource "/smauthenticationrealm" is Protected.
[31 Aug 2006 16:19:07,129] [main] [INFO] Resource "/smauthenticationrealm" is NOT Protected.
[31 Aug 2006 16:19:07,129] [main] [ERROR] The SiteMinder Authentication Realm has NOT been correctly configured and is unavailable.
Additional info:
Using SiteMinder 5.5 on WebLogic 8.1 sp5
When & if I set all my realms as protected then I am unable to startup my servers and get the folowing error:
We are trying to setup (as in intergrate SiteMinder with Savvion) SiteMinder v2 with weblogic 8.1 sp 5. We have appropriately included the references to variours siteminder related jars as per Netegrity's ASA document. We aren't using any webserver, instead wewould be using launching page (which be a protected resource). The following is the installation, configuration, and testing information related to various siteminder components:
SiteMinder Identity Asserter (IA) - installed, configured & tested successfully.
SiteMinder Authentication Provider - installed, configured & test result -> Unsuccessful.
SiteMinder Authorziation provider - installed, configured & test result -> Unsuccessful.
Has anyone seen anything similar to the following? My guess on the above is that it looks like it is trying initialise siteminder stuff every time we start each of the servers(admin, ejb and portal). Since the initialisation happens for the 1st time) when the admin server is started, an error is thrown complaining about not being to initialise when we start either portal or ejb after that. If this is true then is there a way around this problem?
The Admin Server starts fine. But when we try to start either of the ejb or portal server, we get the following error:
<Aug 16, 2006 4:03:01 PM MDT> <Critical> <WebLogicServer> <BEA-000364> <Server failed during initialization. Exception:weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Authentication Provider weblogic.rmi.extensions.RemoteRuntimeException: Unexpected Exception - with nested exception:
[java.rmi.MarshalException: failed to marshal invoke(Ljavax.management.ObjectName;Ljava.lang.String;[Ljava.lang.Object;[Ljava.lang.String ;); nested exception is:
        java.io.NotSerializableException: com.netegrity.siteminder.weblogic.sspi.auth.a9]
weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Authentication Provider weblogic.rmi.extensions.RemoteRuntimeException: Unexpected Exception - with nested exception:
[java.rmi.MarshalException: failed to marshal invoke(Ljavax.management.ObjectName;Ljava.lang.String;[Ljava.lang.Object;[Ljava.lang.String ;); nested exception is:
        java.io.NotSerializableException: com.netegrity.siteminder.weblogic.sspi.auth.a9]
at weblogic.security.service.PrincipalAuthenticator.initialize(PrincipalAuthenticator.java:225)
at weblogic.security.service.PrincipalAuthenticator.<init>(PrincipalAuthenticator.java:283)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.doATN(SecurityServiceManagerDelegateImpl.java :581)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(SecurityServiceManagerDelegateImpl.java:420)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm (SecurityServiceManagerDelegateImpl.java:700)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms(SecurityServiceManagerDelegateImpl.java:733)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize (SecurityServiceManagerDelegateImpl.java:876)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:734)
at weblogic.t3.srvr.T3Srvr.initializeHere(T3Srvr.java:821)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:669)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:343)
at weblogic.Server.main(Server.java:32)
>
<Aug 16, 2006 4:03:01 PM MDT> <Emergency> <WebLogicServer> <BEA-000342> <Unable to initialize the server: weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Authentication Provider weblogic.rmi.extensions.RemoteRuntimeException: Unexpected Exception - with nested exception:
[java.rmi.MarshalException : failed to marshal invoke(Ljavax.management.ObjectName;Ljava.lang.String;[Ljava.lang.Object;[Ljava.lang.String;); nested exception is:
        java.io.NotSerializableException: com.netegrity.siteminder.weblogic.sspi.auth.a9 ]>
The WebLogic Server did not start up properly.
weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Authentication Provider weblogic.rmi.extensions.RemoteRuntimeException: Unexpected Exception - with nested exception:
[java.rmi.MarshalException: failed to marshal invoke(Ljavax.management.ObjectName;Ljava.lang.String;[Ljava.lang.Object;[Ljava.lang.String ;); nested exception is:
        java.io.NotSerializableException: com.netegrity.siteminder.weblogic.sspi.auth.a9]
at weblogic.security.service.PrincipalAuthenticator.initialize(PrincipalAuthenticator.java:225)
at weblogic.security.service.PrincipalAuthenticator.<init>(PrincipalAuthenticator.java:283)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.doATN(SecurityServiceManagerDelegateImpl.java :581)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(SecurityServiceManagerDelegateImpl.java:420)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm (SecurityServiceManagerDelegateImpl.java:700)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms(SecurityServiceManagerDelegateImpl.java:733)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize (SecurityServiceManagerDelegateImpl.java:876)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:734)
at weblogic.t3.srvr.T3Srvr.initializeHere(T3Srvr.java:821)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:669)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:343)
at weblogic.Server.main(Server.java:32)
Reason: weblogic.security.service.SecurityServiceRuntimeException : [Security:090371]Problem instantiating Authentication Provider weblogic.rmi.extensions.RemoteRuntimeException: Unexpected Exception - with nested exception:
[java.rmi.MarshalException: failed to marshal invoke(Ljavax.management.ObjectName ;Ljava.lang.String;[Ljava.lang.Object;[Ljava.lang.String;); nested exception is:
        java.io.NotSerializableException: com.netegrity.siteminder.weblogic.sspi.auth.a9]
Any help would be appreciated.
Regards,
Prashant

but it just says it cannot repair due to another program being installed.
I'd like to have a closer look at that error message please.
Generate the error message again. While the error message box is open, hold down the Alt key and hit the PrtSc key. Paste the screenshot into an image file (using a program like Paint), and save the file.
Start a reply here and click the wee camera icon at the top of the reply window. Click "Choose file", browse to the image file, select the file and click "Open". Now click "Insert file" to insert the screenshot into the reply.

LDAP security authentication in weblogic sp4 (URGENT)

We have a web application which interacts to the D/B to authenticate a user during our login process. Now we are trying to change the login to LDAP authentication. Here is the List I did on weblogic configuration correct me if this is correct or if am missing any thing.
1. Created a Realm
2. Created a NOVELL LDAP Authenticator (configured user, groups, members, Novell LDAP, Details)
3. Created a X.509 certificates ????? Do I need to create this one for authentication. The only question is I am confused by these parameters and help me out in figuring out these:
a. filter attributes = cn=$subj.cn
b. username attribute = cn
c. userCertificate;binary ??? ( I have a certificate idmtree.der where do I add configuration about this certificate in the console)>>>>>>>>
d. certificate mapping : ou=user,ou=$subj.ou,o=$subj.o,c=$subj.c (IS THIS CORRECT)
4. created a new Weblogic Default Authorizer...
5. created a new Weblogic Default Role Mapper...
6. created a new Weblogic Default Credential Mapper ...(Do I need to setup my certificate inside this credential mapper or not.)
7. I made this realm as the DEFAULT realm and started the server
I get the following exception.
Initializing RoleMapper provider using LDIF template file C:\bea\user_projects\domains\mydomain\.\DefaultRoleMapperInit.ldift.>
The RoleMapper provider has had its LDIF information loaded from: C:\bea\user_projects\domains\mydomain\.\DefaultRoleMapperInit.ldift>
Initializing Authorizer provider using LDIF template file C:\bea\user_projects\domains\mydomain\.\DefaultAuthorizerInit.ldift.>
The Authorizer provider has had its LDIF information loaded from: C:\bea\user_projects\domains\mydomain\.\DefaultAuthorizerInit.ldift>
Loading trusted certificates from the jks keystore file C:\bea\weblogic81\server\lib\DemoTrust.jks.>
Loading trusted certificates from the jks keystore file C:\bea\JDK142~1\jre\lib\security\cacerts.>
Loading trusted certificates from the jks keystore file C:\bea\weblogic81\server\lib\DemoTrust.jks.>
Loading trusted certificates from the jks keystore file C:\bea\JDK142~1\jre\lib\security\cacerts.>
Certificate chain received from ldapidv.merc.chicago.cme.com - 10.5.19.190 was not trusted causing SSL handshake failure.>
Server failed during initialization. Exception:weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Authentication Provider weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090294]could not get connection - with nested exception:
[java.lang.reflect.InvocationTargetException - with target exception:
[netscape.ldap.LDAPException: [Security:090477]Certificate chain received from ldapidv.merc.chicago.cme.com - 10.5.19.190 was not trusted causing SSL handshake failure. (91)]]
weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Authentication Provider weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090294]could not get connection - with nested exception:
[java.lang.reflect.InvocationTargetException - with target exception:
[netscape.ldap.LDAPException: [Security:090477]Certificate chain received from ldapidv.merc.chicago.cme.com - 10.5.19.190 was not trusted causing SSL handshake failure. (91)]]
at weblogic.security.service.PrincipalAuthenticator.initialize(PrincipalAuthenticator.java:205)
at weblogic.security.service.PrincipalAuthenticator.<init>(PrincipalAuthenticator.java:262)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.doATN(SecurityServiceManagerDelegateImpl.java:581)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(SecurityServiceManagerDelegateImpl.java:420)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm(SecurityServiceManagerDelegateImpl.java:700)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms(SecurityServiceManagerDelegateImpl.java:733)
at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize(SecurityServiceManagerDelegateImpl.java:876)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:734)
at weblogic.t3.srvr.T3Srvr.initializeHere(T3Srvr.java:822)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:670)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:344)
at weblogic.Server.main(Server.java:32)
>
####<Apr 6, 2006 10:42:55 AM CDT> <Emergency> <WebLogicServer> <DXPCHI029398> <myserver> <main> <<WLS Kernel>> <> <BEA-000342> <Unable to initialize the server: weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Authentication Provider weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090294]could not get connection - with nested exception:
[java.lang.reflect.InvocationTargetException - with target exception:
[netscape.ldap.LDAPException: [Security:090477]Certificate chain received from ldapidv.merc.chicago.cme.com - 10.5.19.190 was not trusted causing SSL handshake failure. (91)]]>
ANY HELP on this would be greatly appreciated am totally exhausted seeing these error messages from morning.
I would like to know if I need a client for connecting to this LDAP authenticator. As am using the Novell API to access the LDAP directory. Let me know, and if so can some one provide me a snippet code.\
Waiting for response.
thanks in advance
kiran

Hi Christoper,
Based on your description, this seems to be more of a security related question than a workshop one.
Please post to the security newsgroup at http://forums.bea.com/bea/category.jspa?categoryID=2011
with information on service pack installed
Thanks
Raj

BPM Integration with SQL Authenticator Provider in WebLogic

Hi Gurus,
Related to the explanation from this blog : http://orasoa.blogspot.com/2010/06/sqlauthenticator-and-human-worklist.html
I have followed this review, I can see all user and groups from sql authenticator provider.
And also I can assign bpm application roles to users from sql authenticator provider.
But when I try to assign bpm application roles to groups from sql authenticator provider, the bpm application is not show from bpm workspace.
Is there any clue to solve this problem?
Cheers,
Agus W

Hi All,
Found the reason for the exception. I was implementing the generated the CustomAuthenticatorImpl class (generated through WebLogic MBeanMaker utility) as the provider class by implementing the AuthenticationProvider interface. Keeping them separate solved the issue.
Able to create the jar without any issues and also no error or exception after restart.
Thanks.

Cannot Start Weblogic Server After adding Custom Authentication Provider

Hi,
I implemented a Custom authentication provider and configured it wih Weblogic 10.3 application server. Although I successfully added Authentication provider, I couldn't restart my server. I used MBeanMaker utility to package my Authentication provider and login module. Although the MBean Utility signalled some warnings and severe messages, it successfully packaged the files. When I look at the config.xml file after adding he authenticator it just adds three lines
( <sec:authentication-provider>
<sec:name>STOREDPROCEDURE</sec:name>
</sec:authentication-provider>
) Although there are some other attributes of the authenticator.
Please advice.
Here is some stack trace.
Best Regards,
Salim
com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for STOREDPROCEDURE is not specified.
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:365)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
at weblogic.security.service.internal.WLSIdentityServiceImpl.initialize(Unknown Source)
at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(Unknown Source)
at weblogic.security.service.CSSWLSDelegateImpl.initialize(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.InitializeServiceEngine(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealms(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(Unknown Source)
at weblogic.security.service.SecurityServiceManager.initialize(Unknown Source)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for STOREDPROCEDURE is not specified.
at com.bea.common.security.internal.legacy.service.SecurityProviderImpl.init(SecurityProviderImpl.java:47)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:363)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
at weblogic.security.service.internal.WLSIdentityServiceImpl.initialize(Unknown Source)
at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(Unknown Source)
at weblogic.security.service.CSSWLSDelegateImpl.initialize(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.InitializeServiceEngine(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealms(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(Unknown Source)
at weblogic.security.service.SecurityServiceManager.initialize(Unknown Source)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
####<Feb 3, 2009 12:22:42 AM EET> <Error> <Security> <localhost.localdomain> <DefaultServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1233613362036> <BEA-090870> <The realm "myrealm" failed to be loaded: weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for STOREDPROCEDURE is not specified..
weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for STOREDPROCEDURE is not specified.
at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(Unknown Source)
at weblogic.security.service.CSSWLSDelegateImpl.initialize(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.InitializeServiceEngine(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealms(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(Unknown Source)
at weblogic.security.service.SecurityServiceManager.initialize(Unknown Source)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for STOREDPROCEDURE is not specified.
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:365)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
at weblogic.security.service.internal.WLSIdentityServiceImpl.initialize(Unknown Source)
at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(Unknown Source)
at weblogic.security.service.CSSWLSDelegateImpl.initialize(Unknown Source)

You need to make sure that you nuke the whole directory that you are specifying to the MBean marker generator. For example, I use the following command to generate the provider jar file.
java -Dfiles=$PRJROOT/ERModel/classes -DMDF=$PRJROOT/ERModel/classes/MyCustomAuthenticator.xml -DMJF=$PRJROOT/ERModel/custom-auth-provider.jar -DtargetNameSpace=http://xmlns.oracle.com/oracleas/schema/11/adf/sampleapp/weblogic/providers -DpreserveStubs=true -DcreateStubs=true weblogic.management.commo.WebLogicMBeanMaker1c
I need to nuke the directory in the -Dfile option i.e. 'rm -rf $PRJROOT/ERModel/classes/' each time I generate the jar file. If you don't, the jar file generates without any error but you will get a runtime exception.

How to remove custom authentication provider in weblogic server 11g

Hi ,
I am trying to remove the custom authentication provider in weblogic server 11g, It disappears when i delete it from list of authentication providers. But upon server restart it appears again.
Documentation for 10g says delete it from service administration but i couldn't find one in 11g. Please help me in removing the custom authentication provider
Thanks
Sandeep

You can try editing the config.xml file and removing it there. (Re: After provider reorder I cannot login admin server console
If you are referring to a jar file - custom authenticators are usually placed in the <middleware-home>wlserver_10.3/server/lib/mbeantypes/ directory.

Weblogic with Active Directory Authentication provider problem: DN for user ....: null

I have a java application (SSO via SAML2) that uses Weblogic as a Identity Service Provider. All works well using users created directly in Weblogic. However, I need to add support for Active Directory. So, as per documentation:
- I defined an Active Directory Authentication provider
- changed it's order in the Authentication Providers list so that it comes first
- set the control flag to SUFFICIENT and configured the Provider Specific; here's the concerned part in config.xml:
<sec:authentication-provider xsi:type="wls:active-directory-authenticatorType">
        <sec:name>MyOwnADAuthenticator</sec:name>
        <sec:control-flag>SUFFICIENT</sec:control-flag>
        <wls:propagate-cause-for-login-exception>true</wls:propagate-cause-for-login-exception>
        <wls:host>10.20.150.4</wls:host>
        <wls:port>5000</wls:port>
        <wls:ssl-enabled>false</wls:ssl-enabled>
        <wls:principal>CN=tadmin,CN=wl,DC=at,DC=com</wls:principal>
        <wls:user-base-dn>CN=wl,DC=at,DC=com</wls:user-base-dn>
        <wls:credential-encrypted>{AES}deleted</wls:credential-encrypted>
        <wls:cache-enabled>false</wls:cache-enabled>
        <wls:group-base-dn>CN=wl,DC=at,DC=com</wls:group-base-dn>
</sec:authentication-provider>
I configured a AD LDS instance(Active Directory Lightweight Directory Services) on a Windows Server 2008 R2. I created users and one admin user "tadmin" which was added to Administrators members. I also made sure to set msDS-UserAccountDisabled property to FALSE.
After restarting Weblogic I can see that the AD LDS's users and groups are correctly fetched in Weblogic. But, when I try to connect with my application, using Username:tadmin and Password:<...> it does not work.
Here's what I see in the log file:
<BEA-000000> <LDAP Atn Login username: tadmin>
<BEA-000000> <authenticate user:tadmin>
<BEA-000000> <getConnection return conn:LDAPConnection {ldaps://10.20.150.4:5000 ldapVersion:3 bindDN:"CN=tadmin,CN=wl,DC=at,DC=com"}>
<BEA-000000> <getDNForUser search("CN=wl,DC=at,DC=com", "(&(&(cn=tadmin)(objectclass=user))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))", base DN & below)>
<BEA-000000> <DN for user tadmin: null>
<BEA-000000> <returnConnection conn:LDAPConnection {ldaps://10.20.150.4:5000 ldapVersion:3 bindDN:"CN=tadmin,CN=wl,DC=at,DC=com"}>
<BEA-000000> <getConnection return conn:LDAPConnection {ldaps://10.20.150.4:5000 ldapVersion:3 bindDN:"CN=tadmin,CN=wl,DC=at,DC=com"}>
<BEA-000000> <getDNForUser search("CN=wl,DC=at,DC=com", "(&(&(cn=tadmin)(objectclass=user))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))", base DN & below)>
<BEA-000000> <DN for user tadmin: null>
<BEA-000000> <returnConnection conn:LDAPConnection {ldaps://10.20.150.4:5000 ldapVersion:3 bindDN:"CN=tadmin,CN=wl,DC=at,DC=com"}>
<BEA-000000> <javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User tadmin denied
at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:229)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
So, I tried to look why do I have: <DN for user tadmin: null>. Using Apache Directory Studio I reproduced the ldap search request used in Weblogic and, sure enough, I get no results. But, changing the filter to only "(&(cn=tadmin)(objectclass=user))" (NOTICE, no userAccountControl), it works; here's the result from Apache Directory Studio:
#!SEARCH REQUEST (145) OK
#!CONNECTION ldap://10.20.150.4:5000
#!DATE 2014-01-23T14:52:09.324
# LDAP URL     : ldap://10.20.150.4:5000/CN=wl,DC=at,DC=com?objectClass?sub?(&(cn=tadmin)(objectclass=user))
# command line : ldapsearch -H ldap://10.20.150.4:5000 -x -D "[email protected]" -W -b "CN=wl,DC=at,DC=com" -s sub -a always -z 1000 "(&(cn=tadmin)(objectclass=user))" "objectClass"
# baseObject   : CN=wl,DC=at,DC=com
# scope        : wholeSubtree (2)
# derefAliases : derefAlways (3)
# sizeLimit    : 1000
# timeLimit    : 0
# typesOnly    : False
# filter       : (&(cn=tadmin)(objectclass=user))
# attributes   : objectClass
#!SEARCH RESULT DONE (145) OK
#!CONNECTION ldap://10.20.150.4:5000
#!DATE 2014-01-23T14:52:09.356
# numEntries : 1
(the "[email protected]" is defined as userPrincipalName in the tadmin user on AD LDS)
As you can see, "# numEntries : 1" (and I can see as result the entry "CN=tadmin,CN=wl,DC=at,DC=com" in Apache Directory Studio's interface); if I add the userAccountControl filter I get 0.
I've read that the AD LDS does not use userAccountControl but "uses several individual attributes to hold the information that is contained in the flags of the userAccountControl attribute"; among those attributes is msDS-UserAccountDisabled which, as I said, I already set to FALSE.
So, my question is, how do I make it work? Why do I have "<DN for user tadmin: null>" ? Is it the userAccountControl ? If it is, do I need to do some other configuration on my AD LDS ? Or, how can I get rid of the userAccountControl filter in Weblogic?
I didn't seem to find it in config files or in the interface: I only have "User From Name Filter: (&(cn=%u)(objectclass=user))", there's no userAccountControl.
Another difference I noticed is that, even though in Weblogic I have set ssl-enabled flag to false, in the logs I see ldaps and not ldap ( I'm not looking to setup something production-ready and I don't want SSL for the moment ).
Here are some other things I tried but did not change anything:
- the other "msDS-" attributes were not set so I tried initializing them to some value
- I tried other users defined in AD LDS, not tadmin
- in Weblogic I added users that were imported from AD LDS in Roles and Policies> Realm Roles > Global Roles > Roles > Admin
- I removed all userAccountControl occurrences that I found in xml files in Weblogic (schema.ms.xml, schema.msad2003.xml)
Any thoughts?
Thanks.

I managed to narrow it down: the AD LDS does not support the userAccountControl.
Anyone knows how I can configure my Active Directory Authentication Provider in Weblogic so that it does not implicitly use userAccountControl as filter?
<BEA-000000> <getDNForUser search("CN=wl,DC=at,DC=com", "(&(&(cn=tadmin)(objectclass=user))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))", base DN & below)>

Startup error, weblogic.application.ModuleException

startup error, weblogic.application.ModuleException
I got a error when I startup my server. Here is the trace."workspace " is my application.
<Warning> <Deployer> <BEA-149004> <Failures were detected while initiating distribute task for application 'workspace'.>
<Warning> <Deployer> <BEA-149078> <Stack trace for message 149004
weblogic.application.ModuleException:
at weblogic.servlet.internal.WebAppModule.prepare(WebAppModule.java:295)
at weblogic.application.internal.flow.ScopedModuleDriver.prepare(ScopedModuleDriver.java:176)
at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:93)
at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:360)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:26)
Truncated. see log file for complete stacktrace
java.lang.ClassCastException: com.ctc.wstx.stax.WstxInputFactory
at javax.xml.stream.XMLInputFactory.newInstance(XMLInputFactory.java:136)
at weblogic.servlet.internal.WebAppHelper.addListenerElements(WebAppHelper.java:244)
at weblogic.servlet.internal.WebAppHelper$IOHelperImpl.parseXML(WebAppHelper.java:224)
at weblogic.descriptor.DescriptorCache.parseXML(DescriptorCache.java:324)
at weblogic.servlet.internal.WebAppHelper.registerTagLibListeners(WebAppHelper.java:174)
Truncated. see log file for complete stacktrace
Here is the weblogic.xml in my application.
<?xml version="1.0" encoding="UTF-8"?>
<weblogic-web-app xmlns="http://www.bea.com/ns/weblogic/90"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.bea.com/ns/weblogic/90 http://www.bea.com/ns/weblogic/90/weblogic-web-app.xsd">
<context-root>/workspace</context-root>
<container-descriptor>
<prefer-web-inf-classes>true</prefer-web-inf-classes>
</container-descriptor>
</weblogic-web-app>
I have two ways to deploy my application,using installer or deploying it manually.
Using installer is ok,but I deployed it by myself,the problem came up.That's odd
I need the weblogic.xml to resovle another problem.

some one can help,thanks.

Authentication Provider in WebLogic 7.0

Hi
I am trying to understand the Security Frame-work in WLS 7.0.
I found out that WLS 7.0 uses embedded LDAP server to store users information. It also supports external LDAP. But for our application, I want to keep users info in a database.
Is there any suggestion to solve this problem. Do I need to create my own Authentication Provider? or is there any other way to do this?
I will appreciate any help
Thanks
Virender Sandhu

does anybody know where a production ready copy of rdbmls realm is on the
net? I did a search and didnt find much?
thanks
Joel
"PaulF" <[email protected]> wrote in message
news:[email protected]..
Virender Sandhu <[email protected]> wrote in
news:3cdab13c$[email protected]:
Hi
I am trying to understand the Security Frame-work in WLS 7.0.
I found out that WLS 7.0 uses embedded LDAP server to store users
information. It also supports external LDAP. But for our application,
I want to keep users info in a database. Is there any suggestion to
solve this problem. Do I need to create my own Authentication
Provider? or is there any other way to do this?
I will appreciate any help
Thanks
Virender Sandhu
I think that you have two choices: 1) you can configure a Compatibility
Realm, take the RDBMS example, tweak it so that it is production ready (or
grab a production ready copy from someplace out on the net...I think
they're out there), or 2) create your own provider that talks directly to
your database.
Paul F.

Weblogic Server 2008 Service Startup Error

Hello
When setting up weblogic on server 2008 R2, I can start weblogic using the startWeblogic.cmd file manually, but when configuring to run as a service, I am getting the below error and the service does not start. Do you know what could be causing this?
####<Jun 13, 2012 10:48:02 AM EDT> <Info> <JDBC> <bmiorabip1> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1339598882511> <BEA-001155> <The following exception has occurred:
weblogic.common.ResourceException: Unknown Data Source EPMSystemRegistry-rac0
     at weblogic.jdbc.common.internal.ConnectionPoolManager.shutdownConnectionPool(ConnectionPoolManager.java:563)
     at weblogic.jdbc.common.internal.ConnectionPoolManager.shutdownAndDestroyPool(ConnectionPoolManager.java:535)
     at weblogic.jdbc.module.JDBCModule.prepare(JDBCModule.java:295)
     at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:199)
     at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:517)
     at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
     at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:159)
     at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:45)
     at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:613)
     at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
     at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:184)
     at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:43)
     at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
     at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
     at weblogic.deploy.internal.targetserver.SystemResourceDeployment.prepare(SystemResourceDeployment.java:55)
     at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:39)
     at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
     at weblogic.management.deploy.internal.AppTransition$1.transitionApp(AppTransition.java:21)
     at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
     at weblogic.management.deploy.internal.ConfiguredDeployments.prepare(ConfiguredDeployments.java:165)
     at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:122)
     at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
     at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
     at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
     at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
>
####<Jun 13, 2012 10:48:02 AM EDT> <Error> <Deployer> <bmiorabip1> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1339598882527> <BEA-149205> <Failed to initialize the application 'EPMSystemRegistry-rac0' due to error weblogic.application.ModuleException: .
weblogic.application.ModuleException:
     at weblogic.jdbc.module.JDBCModule.prepare(JDBCModule.java:302)
     at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:199)
     at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:517)
     at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
     at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:159)
     at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:45)
     at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:613)
     at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
     at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:184)
     at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:43)
     at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
     at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
     at weblogic.deploy.internal.targetserver.SystemResourceDeployment.prepare(SystemResourceDeployment.java:55)
     at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:39)
     at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
     at weblogic.management.deploy.internal.AppTransition$1.transitionApp(AppTransition.java:21)
     at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
     at weblogic.management.deploy.internal.ConfiguredDeployments.prepare(ConfiguredDeployments.java:165)
     at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:122)
     at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
     at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
     at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
     at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
Caused By: weblogic.common.resourcepool.ResourceSystemException: Could not create pool connection. The DBMS driver exception was: PermGen space
     at weblogic.jdbc.common.internal.ConnectionEnvFactory.makeConnection(ConnectionEnvFactory.java:388)
     at weblogic.jdbc.common.internal.ConnectionEnvFactory.createResource(ConnectionEnvFactory.java:236)
     at weblogic.common.resourcepool.ResourcePoolImpl.makeResources(ResourcePoolImpl.java:1249)
     at weblogic.common.resourcepool.ResourcePoolImpl.makeResources(ResourcePoolImpl.java:1166)
     at weblogic.common.resourcepool.ResourcePoolImpl.start(ResourcePoolImpl.java:249)
     at weblogic.jdbc.common.internal.ConnectionPool.doStart(ConnectionPool.java:1154)
     at weblogic.jdbc.common.internal.ConnectionPool.start(ConnectionPool.java:154)
     at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:454)
     at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:372)
     at weblogic.jdbc.module.JDBCModule.prepare(JDBCModule.java:255)
     at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:199)
     at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:517)
     at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
     at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:159)
     at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:45)
     at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:613)
     at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
     at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:184)
     at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:43)
     at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
     at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
     at weblogic.deploy.internal.targetserver.SystemResourceDeployment.prepare(SystemResourceDeployment.java:55)
     at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:39)
     at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
     at weblogic.management.deploy.internal.AppTransition$1.transitionApp(AppTransition.java:21)
     at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
     at weblogic.management.deploy.internal.ConfiguredDeployments.prepare(ConfiguredDeployments.java:165)
     at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:122)
     at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
     at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
     at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
     at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
>
####<Jun 13, 2012 10:48:02 AM EDT> <Info> <WorkManager> <bmiorabip1> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1339598882527> <BEA-002903> <Creating WorkManager from "weblogic.wsee.mdb.DispatchPolicy" WorkManagerMBean for application "EPMSystemRegistry-rac1">
####<Jun 13, 2012 10:48:14 AM EDT> <Error> <Deployer> <bmiorabip1> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1339598894524> <BEA-149205> <Failed to initialize the application 'EPMSystemRegistry-rac1' due to error weblogic.management.DeploymentException: Unexpected error encountered.
weblogic.management.DeploymentException: Unexpected error encountered
     at weblogic.deploy.internal.targetserver.AppContainerInvoker.getOrCreateDeploymentException(AppContainerInvoker.java:299)
     at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:65)
     at weblogic.deploy.internal.targetserver.SystemResourceDeployment.prepare(SystemResourceDeployment.java:55)
     at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:39)
     at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
     at weblogic.management.deploy.internal.AppTransition$1.transitionApp(AppTransition.java:21)
     at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
     at weblogic.management.deploy.internal.ConfiguredDeployments.prepare(ConfiguredDeployments.java:165)
     at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:122)
     at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
     at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
     at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
     at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
Caused By: java.lang.OutOfMemoryError: PermGen space
>
####<Jun 13, 2012 10:48:15 AM EDT> <Info> <WorkManager> <bmiorabip1> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1339598895148> <BEA-002903> <Creating WorkManager from "weblogic.wsee.mdb.DispatchPolicy" WorkManagerMBean for application "bip_datasource-rac0">
####<Jun 13, 2012 10:48:31 AM EDT> <Info> <JDBC> <bmiorabip1> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1339598911871> <BEA-001177> <Creating Connection Pool named bip_datasource-rac0, URL = jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=)(INSTANCE_NAME=))), Properties = user=BIP_BIPLATFORM;oracle.net.CONNECT_TIMEOUT=10000;.>
####<Jun 13, 2012 10:48:32 AM EDT> <Info> <Common> <bmiorabip1> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1339598912495> <BEA-000626> <Free resources in pool "bip_datasource-rac0" will be tested every "300" seconds.>
####<Jun 13, 2012 10:48:34 AM EDT> <Info> <JDBC> <bmiorabip1> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1339598914382> <BEA-001508> <Destroying Connection Pool bip_datasource-rac0.>
####<Jun 13, 2012 10:48:34 AM EDT> <Info> <JDBC> <bmiorabip1> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1339598914382> <BEA-001155> <The following exception has occurred:
weblogic.common.ResourceException: Unknown Data Source bip_datasource-rac0
     at weblogic.jdbc.common.internal.ConnectionPoolManager.shutdownConnectionPool(ConnectionPoolManager.java:563)
     at weblogic.jdbc.common.internal.ConnectionPoolManager.shutdownAndDestroyPool(ConnectionPoolManager.java:535)
     at weblogic.jdbc.module.JDBCModule.prepare(JDBCModule.java:295)
     at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:199)
     at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:517)
     at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
     at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:159)
     at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:45)
     at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:613)
     at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
     at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:184)
     at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:43)
     at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
     at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
     at weblogic.deploy.internal.targetserver.SystemResourceDeployment.prepare(SystemResourceDeployment.java:55)
     at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:39)
     at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
     at weblogic.management.deploy.internal.AppTransition$1.transitionApp(AppTransition.java:21)
     at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
     at weblogic.management.deploy.internal.ConfiguredDeployments.prepare(ConfiguredDeployments.java:165)
     at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:122)
     at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
     at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
     at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
     at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
>
####<Jun 13, 2012 10:48:37 AM EDT> <Error> <Deployer> <bmiorabip1> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1339598917518> <BEA-149205> <Failed to initialize the application 'bip_datasource-rac0' due to error weblogic.application.ModuleException: .
weblogic.application.ModuleException:
     at weblogic.jdbc.module.JDBCModule.prepare(JDBCModule.java:302)
     at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:199)
     at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:517)
     at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
     at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:159)
     at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:45)
     at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:613)
     at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
     at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:184)
     at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:43)
     at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
     at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
     at weblogic.deploy.internal.targetserver.SystemResourceDeployment.prepare(SystemResourceDeployment.java:55)
     at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:39)
     at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
     at weblogic.management.deploy.internal.AppTransition$1.transitionApp(AppTransition.java:21)
     at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
     at weblogic.management.deploy.internal.ConfiguredDeployments.prepare(ConfiguredDeployments.java:165)
     at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:122)
     at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
     at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
     at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
     at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
Caused By: weblogic.common.resourcepool.ResourceSystemException: Could not create pool connection. The DBMS driver exception was: (class: oracle/jdbc/OracleConnectionWrapper, method: proxyFor signature: (Ljava/lang/Object;Ljava/lang/Class;)Ljava/lang/Object;) Illegal type in constant pool
     at weblogic.jdbc.common.internal.ConnectionEnvFactory.makeConnection(ConnectionEnvFactory.java:388)
     at weblogic.jdbc.common.internal.ConnectionEnvFactory.createResource(ConnectionEnvFactory.java:236)
     at weblogic.common.resourcepool.ResourcePoolImpl.makeResources(ResourcePoolImpl.java:1249)
     at weblogic.common.resourcepool.ResourcePoolImpl.makeResources(ResourcePoolImpl.java:1166)
     at weblogic.common.resourcepool.ResourcePoolImpl.start(ResourcePoolImpl.java:249)
     at weblogic.jdbc.common.internal.ConnectionPool.doStart(ConnectionPool.java:1154)
     at weblogic.jdbc.common.internal.ConnectionPool.start(ConnectionPool.java:154)
     at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:454)
     at weblogic.jdbc.common.internal.ConnectionPoolManager.createAndStartPool(ConnectionPoolManager.java:372)
     at weblogic.jdbc.module.JDBCModule.prepare(JDBCModule.java:255)
     at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:199)
     at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:517)
     at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
     at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:159)
     at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:45)
     at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:613)
     at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
     at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:184)
     at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:43)
     at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
     at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
     at weblogic.deploy.internal.targetserver.SystemResourceDeployment.prepare(SystemResourceDeployment.java:55)
     at weblogic.management.deploy.internal.DeploymentAdapter$1.doPrepare(DeploymentAdapter.java:39)
     at weblogic.management.deploy.internal.DeploymentAdapter.prepare(DeploymentAdapter.java:191)
     at weblogic.management.deploy.internal.AppTransition$1.transitionApp(AppTransition.java:21)
     at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:240)
     at weblogic.management.deploy.internal.ConfiguredDeployments.prepare(ConfiguredDeployments.java:165)
     at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:122)
     at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
     at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
     at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
     at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
>
####<Jun 13, 2012 10:48:38 AM EDT> <Info> <WorkManager> <bmiorabip1> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1339598918750> <BEA-002903> <Creating WorkManager from "weblogic.wsee.mdb.DispatchPolicy" WorkManagerMBean for application "bip_datasource-rac1">
Thanks
Nick

Hi Nick,
Open the register editor and look for HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\<your beasvc service>\Parameters
Look what is in CmdLine, those are the actual parameters that the service's using, look for all -X arguments.
I have this on my service here:
-Xms512m -Xmx1024m -XX:PermSize=128m -XX:MaxPermSize=512m
Your problem is probably on the -XX:PermSize part...
Modify your installSvc.cmd script so you can have the right parameters for the service, you can also try and call setDomainEnv.cmd from inside installSvc.cmd then you will guarantee that the arguments are the same for startWeblogic.cmd and the service.
Cheers,
Vlad
Give points - it is good etiquette to reward an answerer points (5 - helpful; 10 - correct) for their post if they answer your question. If you think this is helpful, please consider giving points

Security realm - Security:097533 - Developing own authentication provider

hi everyone,
i Developing own authentication provider and i installed a security patch, so while i restarting the weblogic server encountered the below Exeption:
<10/05/2013 05:54:33 PM COT> <Error> <Security> <BEA-090870> <The realm "myrealm" failed to be loaded: weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for AS400Realm is not specified..
weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for AS400Realm is not specified.
at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(CSSWLSDelegateImpl.java:341)
at weblogic.security.service.CSSWLSDelegateImpl.initialize(CSSWLSDelegateImpl.java:220)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.InitializeServiceEngine(CommonSecurityServiceManagerDelegateImpl.java:1789)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(CommonSecurityServiceManagerDelegateImpl.java:443)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(CommonSecurityServiceManagerDelegateImpl.java:841)
Truncated. see log file for complete stacktrace
Caused By: com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for AS400Realm is not specified.
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:365)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
at weblogic.security.service.internal.WLSIdentityServiceImpl.initialize(WLSIdentityServiceImpl.java:46)
Truncated. see log file for complete stacktrace
Caused By: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for AS400Realm is not specified.
at com.bea.common.security.internal.legacy.service.SecurityProviderImpl.init(SecurityProviderImpl.java:42)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:363)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
Truncated. see log file for complete stacktrace
this is the config.xml :
<domain xmlns="http://xmlns.oracle.com/weblogic/domain" xmlns:sec="http://xmlns.oracle.com/weblogic/security" xmlns:wls="http://xmlns.oracle.com/weblogic/security/wls" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.oracle.com/weblogic/security/xacml http://xmlns.oracle.com/weblogic/security/xacml/1.0/xacml.xsd http://xmlns.oracle.com/weblogic/security/providers/passwordvalidator http://xmlns.oracle.com/weblogic/security/providers/passwordvalidator/1.0/passwordvalidator.xsd http://xmlns.oracle.com/weblogic/domain http://xmlns.oracle.com/weblogic/1.0/domain.xsd http://xmlns.oracle.com/weblogic/security http://xmlns.oracle.com/weblogic/1.0/security.xsd http://xmlns.oracle.com/weblogic/security/wls http://xmlns.oracle.com/weblogic/security/wls/1.0/wls.xsd http://xmlns.oracle.com/weblogic/security/extension http://xmlns.oracle.com/weblogic/1.0/security.xsd">
<name>base_domain</name>
<domain-version>12.1.1.0</domain-version>
<security-configuration>
<name>base_domain</name>
<realm>
<sec:authentication-provider xsi:type="wls:default-authenticatorType"></sec:authentication-provider>
<sec:authentication-provider xsi:type="wls:default-identity-asserterType">
<sec:active-type>AuthenticatedUser</sec:active-type>
</sec:authentication-provider>
<sec:authentication-provider xmlns:ext="http://xmlns.oracle.com/weblogic/security/extension" xsi:type="ext:as400-realmType">
<sec:name>AS400Realm</sec:name>
<sec:control-flag>OPTIONAL</sec:control-flag>
</sec:authentication-provider>
<sec:role-mapper xmlns:xac="http://xmlns.oracle.com/weblogic/security/xacml" xsi:type="xac:xacml-role-mapperType"></sec:role-mapper>
<sec:authorizer xmlns:xac="http://xmlns.oracle.com/weblogic/security/xacml" xsi:type="xac:xacml-authorizerType"></sec:authorizer>
<sec:adjudicator xsi:type="wls:default-adjudicatorType"></sec:adjudicator>
<sec:credential-mapper xsi:type="wls:default-credential-mapperType"></sec:credential-mapper>
<sec:cert-path-provider xsi:type="wls:web-logic-cert-path-providerType"></sec:cert-path-provider>
<sec:cert-path-builder>WebLogicCertPathProvider</sec:cert-path-builder>
<sec:user-lockout-manager>
<sec:lockout-enabled>false</sec:lockout-enabled>
</sec:user-lockout-manager>
<sec:deploy-role-ignored>false</sec:deploy-role-ignored>
<sec:deploy-policy-ignored>false</sec:deploy-policy-ignored>
<sec:security-dd-model>DDOnly</sec:security-dd-model>
<sec:name>myrealm</sec:name>
<sec:password-validator xmlns:pas="http://xmlns.oracle.com/weblogic/security/providers/passwordvalidator" xsi:type="pas:system-password-validatorType">
<sec:name>SystemPasswordValidator</sec:name>
<pas:min-password-length>8</pas:min-password-length>
<pas:min-numeric-or-special-characters>1</pas:min-numeric-or-special-characters>
</sec:password-validator>
</realm>
<default-realm>myrealm</default-realm>
<credential-encrypted>{AES}kyVB/9J9Fbvp11tAnYgn6grV6wQwNZZGHSh2JLQtesxS46Re+QCfIAttNE5JugllQvUHOhE+pz0AnEfYL2p5q2oeRsjqoQz2/1Lg8x+3WMoKic0xnRzw2RWoFjQo3F9x</credential-encrypted>
<node-manager-username>weblogic</node-manager-username>
<node-manager-password-encrypted>{AES}4jkSbv5dMOl6cRpRa4QwB83XVavtq168cV4L+NSFDcI=</node-manager-password-encrypted>
<cross-domain-security-enabled>true</cross-domain-security-enabled>
</security-configuration>
<server>
<name>AdminServer</name>
<listen-address>localhost</listen-address>
<staging-mode>nostage</staging-mode>
</server>
<embedded-ldap>
<name>base_domain</name>
<credential-encrypted>{AES}9YeG1UFRNQzM0v6/j8cFvT9x9fkJUl1FJOWGInl5dax26FgMNEVwKNxOBHvW2opm</credential-encrypted>
</embedded-ldap>
<configuration-version>12.1.1.0</configuration-version>
this is the mbean xml (A400Realmmbean.xml):
<?xml version="1.0" ?>
<!DOCTYPE MBeanType SYSTEM "commo.dtd">
<MBeanType Name = "AS400Realm" DisplayName = "AS400Realm"
Package = "co.com.claro.security"
Extends = "weblogic.management.security.authentication.Authenticator"
PersistPolicy = "OnUpdate"
>
<MbeanAttribute Name = "ProviderClassName" Type = "java.lang.String"
Writeable = "false"
Default =
""co.com.claro.AS400Realm""
/>
<MBeanAttribute Name = "Description" Type = "java.lang.String"
Writeable = "false" Default = ""My Identity Assertion Provider""
/>
<MBeanAttribute Name = "Version" Type = "java.lang.String"
Writeable = "false" Default = ""1.0""
/>
</MBeanType>
and the runtime class:
AS400Realm.java:
* To change this template, choose Tools | Templates
* and open the template in the editor.
package co.com.claro.security;
import java.util.HashMap;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import weblogic.management.security.ProviderMBean;
import weblogic.security.provider.PrincipalValidatorImpl;
import weblogic.security.spi.AuthenticationProviderV2;
import weblogic.security.spi.IdentityAsserterV2;
import weblogic.security.spi.PrincipalValidator;
import weblogic.security.spi.SecurityServices;
import weblogic.security.principal.WLSGroupImpl;
import weblogic.security.principal.WLSUserImpl;
public final class AS400Realm implements AuthenticationProviderV2
private String description;
// private SimpleSampleAuthenticatorDatabase database;
private LoginModuleControlFlag controlFlag;
// public String PARAM_JAAS_CONTEXT = "jaas-context";
// public String PARAM_DATASOURCE_NAME = "jdbc/Oracle";
// public String DEFAULT_GROUP_NAME = "default";
public void initialize(ProviderMBean mbean, SecurityServices services)
System.out.println("AS400Realm.initialize");
AS400RealmMBean myMBean = (AS400RealmMBean)mbean;
description = myMBean.getDescription() + "\n" + myMBean.getVersion();
// database = new SimpleSampleAuthenticatorDatabase(myMBean);
String flag = myMBean.getControlFlag();
if (flag.equalsIgnoreCase("REQUIRED")) {
controlFlag = LoginModuleControlFlag.REQUIRED;
} else if (flag.equalsIgnoreCase("OPTIONAL")) {
controlFlag = LoginModuleControlFlag.OPTIONAL;
} else if (flag.equalsIgnoreCase("REQUISITE")) {
controlFlag = LoginModuleControlFlag.REQUISITE;
} else if (flag.equalsIgnoreCase("SUFFICIENT")) {
controlFlag = LoginModuleControlFlag.SUFFICIENT;
} else {
throw new IllegalArgumentException("invalid flag value" + flag);
public String getDescription()
return description;
public void shutdown()
System.out.println("AS400Realm.shutdown");
private AppConfigurationEntry getConfiguration(HashMap options)
options.put("PARAM_DATASOURCE_NAME", "jdbc/Oracle");
return new
AppConfigurationEntry(
"co.com.claro.security.AS400LoginModule",
controlFlag,
options
public AppConfigurationEntry getLoginModuleConfiguration()
HashMap options = new HashMap();
return getConfiguration(options);
public AppConfigurationEntry getAssertionModuleConfiguration()
HashMap options = new HashMap();
options.put("IdentityAssertion","true");
return getConfiguration(options);
public PrincipalValidator getPrincipalValidator()
return new PrincipalValidatorImpl();
public IdentityAsserterV2 getIdentityAsserter()
return null;
AS400LoginModule.java :
* To change this template, choose Tools | Templates
* and open the template in the editor.
package co.com.claro.security;
import com.ibm.as400.access.AS400;
import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Enumeration;
import java.util.Map;
import java.util.Vector;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.spi.LoginModule;
import javax.sql.DataSource;
import weblogic.security.spi.WLSGroup;
import weblogic.security.spi.WLSUser;
import weblogic.security.principal.WLSGroupImpl;
import weblogic.security.principal.WLSUserImpl;
* @author dmunoz
final public class AS400LoginModule implements LoginModule {
private Subject subject;
private CallbackHandler callbackHandler;
private String PARAM_DATASOURCE_NAME = "jdbc/Oracle";
private String DEFAULT_GROUP_NAME = "default";
// Determine whether this is a login or assert identity
private boolean isIdentityAssertion;
// Authentication status
private boolean loginSucceeded;
private boolean principalsInSubject;
private Vector principalsForSubject = new Vector();
public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
// only called (once!) after the constructor and before login
System.out.println("SimpleSampleLoginModuleImpl.initialize");
this.subject = subject;
this.callbackHandler = callbackHandler;
// Check for Identity Assertion option
isIdentityAssertion =
"true".equalsIgnoreCase((String) options.get("IdentityAssertion"));
private boolean authenticateAS400(String user, String passwd) throws Exception {
String host ="172.31.2.80";//Config.getProperty(Config.AS400_AUTHENTICATION_HOST);
AS400 as400System;
as400System = new AS400(host, user, passwd);
return as400System.validateSignon();
public boolean login() throws LoginException {
// only called (once!) after initialize
System.out.println("SimpleSampleLoginModuleImpl.login");
// loginSucceeded should be false
// principalsInSubject should be false
Callback[] callbacks = getCallbacks();
String userName = getUserName(callbacks);
if (userName.length() > 0) {
if (!isIdentityAssertion) {
String passwordHave = getPasswordHave(userName, callbacks);
try{
loginSucceeded = authenticateAS400(userName, passwordHave);
}catch(Exception e){
Logger.getLogger(AS400LoginModule.class.getName()).log(Level.WARNING, null, e);
throw new LoginException(e.getMessage());
} else {
// anonymous login - let it through?
System.out.println("\tempty userName");
if (loginSucceeded) {
principalsForSubject.add(new WLSUserImpl(userName));
addGroupsForSubject(userName);
return loginSucceeded;
public boolean commit() throws LoginException {
// only called (once!) after login
// loginSucceeded should be true or false
// principalsInSubject should be false
// user should be null if !loginSucceeded, null or not-null otherwise
// group should be null if user == null, null or not-null otherwise
System.out.println("SimpleSampleLoginModule.commit");
if (loginSucceeded) {
subject.getPrincipals().addAll(principalsForSubject);
principalsInSubject = true;
return true;
} else {
return false;
public boolean abort() throws LoginException {
// The abort method is called to abort the authentication process. This is
// phase 2 of authentication when phase 1 fails. It is called if the
// LoginContext's overall authentication failed.
// loginSucceeded should be true or false
// user should be null if !loginSucceeded, otherwise null or not-null
// group should be null if user == null, otherwise null or not-null
// principalsInSubject should be false if user is null, otherwise true
// or false
System.out.println("SimpleSampleLoginModule.abort");
if (principalsInSubject) {
subject.getPrincipals().removeAll(principalsForSubject);
principalsInSubject = false;
return true;
public boolean logout() throws LoginException {
// should never be called
System.out.println("SimpleSampleLoginModule.logout");
return true;
private void throwLoginException(String msg) throws LoginException {
System.out.println("Throwing LoginException(" + msg + ")");
throw new LoginException(msg);
private void throwFailedLoginException(String msg) throws FailedLoginException {
System.out.println("Throwing FailedLoginException(" + msg + ")");
throw new FailedLoginException(msg);
private Callback[] getCallbacks() throws LoginException {
if (callbackHandler == null) {
throwLoginException("No CallbackHandler Specified");
Callback[] callbacks;
if (isIdentityAssertion) {
callbacks = new Callback[1];
} else {
callbacks = new Callback[2];
callbacks[1] = new PasswordCallback("password: ", false);
callbacks[0] = new NameCallback("username: ");
try {
callbackHandler.handle(callbacks);
} catch (IOException e) {
throw new LoginException(e.toString());
} catch (UnsupportedCallbackException e) {
throwLoginException(e.toString() + " " + e.getCallback().toString());
return callbacks;
private String getUserName(Callback[] callbacks) throws LoginException {
String userName = ((NameCallback) callbacks[0]).getName();
if (userName == null) {
throwLoginException("Username not supplied.");
System.out.println("\tuserName\t= " + userName);
return userName;
private void addGroupsForSubject(String userName) {
try {
for (Enumeration e = getGroupNamesAS400(userName);
e.hasMoreElements();) {
String groupName = (String) e.nextElement();
System.out.println("\tgroupName\t= " + groupName);
principalsForSubject.add(new WLSGroupImpl(groupName));
} catch (Exception ex) {
Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
public Enumeration getGroupNamesAS400(String usuario)
throws Exception {
if(usuario == null) {
throw new Exception("Usuario no puede ser vacio");
Vector<String> grupos = new Vector<String>();
grupos.add(DEFAULT_GROUP_NAME);
Connection conn = null;
ResultSet rs = null;
PreparedStatement statement = null;
try {
Context c = new InitialContext();
DataSource dst = (DataSource) c.lookup(PARAM_DATASOURCE_NAME);
conn = dst.getConnection();
String query = "SELECT COD_ROL AS ROL " +
"FROM gestionnew.us_rol_perfil " +
"JOIN gestionnew.usuarios " +
"ON us_rol_perfil.id_perfil = usuarios.id_perfil " +
"WHERE upper(usuarios.usuariorr) = ?";
statement = conn.prepareStatement(query);
statement.setString(1, usuario.toUpperCase());
rs = statement.executeQuery();
while (rs.next()) {
grupos.add(rs.getString("ROL"));
} catch (SQLException ex) {
Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
} catch (NamingException ex) {
Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
} finally {
if (conn != null) {
try {
conn.close();
} catch (SQLException ex) {
Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
if (rs != null) {
try {
rs.close();
} catch (SQLException ex) {
Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
if (statement != null) {
try {
statement.close();
} catch (SQLException ex) {
Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
return grupos.elements();
private String getPasswordHave(String userName, Callback[] callbacks) throws
LoginException {
PasswordCallback passwordCallback = (PasswordCallback) callbacks[1];
char[] password = passwordCallback.getPassword();
passwordCallback.clearPassword();
if (password == null || password.length < 1) {
throwLoginException("Authentication Failed: User " + userName +
". Password not supplied");
String passwd = new String(password);
System.out.println("\tpasswordHave\t= " + passwd);
return passwd;
thanks

hi everyone,
i Developing own authentication provider and i installed a security patch, so while i restarting the weblogic server encountered the below Exeption:
<10/05/2013 05:54:33 PM COT> <Error> <Security> <BEA-090870> <The realm "myrealm" failed to be loaded: weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for AS400Realm is not specified..
weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for AS400Realm is not specified.
at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(CSSWLSDelegateImpl.java:341)
at weblogic.security.service.CSSWLSDelegateImpl.initialize(CSSWLSDelegateImpl.java:220)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.InitializeServiceEngine(CommonSecurityServiceManagerDelegateImpl.java:1789)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(CommonSecurityServiceManagerDelegateImpl.java:443)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(CommonSecurityServiceManagerDelegateImpl.java:841)
Truncated. see log file for complete stacktrace
Caused By: com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for AS400Realm is not specified.
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:365)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
at weblogic.security.service.internal.WLSIdentityServiceImpl.initialize(WLSIdentityServiceImpl.java:46)
Truncated. see log file for complete stacktrace
Caused By: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for AS400Realm is not specified.
at com.bea.common.security.internal.legacy.service.SecurityProviderImpl.init(SecurityProviderImpl.java:42)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:363)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
Truncated. see log file for complete stacktrace
this is the config.xml :
<domain xmlns="http://xmlns.oracle.com/weblogic/domain" xmlns:sec="http://xmlns.oracle.com/weblogic/security" xmlns:wls="http://xmlns.oracle.com/weblogic/security/wls" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.oracle.com/weblogic/security/xacml http://xmlns.oracle.com/weblogic/security/xacml/1.0/xacml.xsd http://xmlns.oracle.com/weblogic/security/providers/passwordvalidator http://xmlns.oracle.com/weblogic/security/providers/passwordvalidator/1.0/passwordvalidator.xsd http://xmlns.oracle.com/weblogic/domain http://xmlns.oracle.com/weblogic/1.0/domain.xsd http://xmlns.oracle.com/weblogic/security http://xmlns.oracle.com/weblogic/1.0/security.xsd http://xmlns.oracle.com/weblogic/security/wls http://xmlns.oracle.com/weblogic/security/wls/1.0/wls.xsd http://xmlns.oracle.com/weblogic/security/extension http://xmlns.oracle.com/weblogic/1.0/security.xsd">
<name>base_domain</name>
<domain-version>12.1.1.0</domain-version>
<security-configuration>
<name>base_domain</name>
<realm>
<sec:authentication-provider xsi:type="wls:default-authenticatorType"></sec:authentication-provider>
<sec:authentication-provider xsi:type="wls:default-identity-asserterType">
<sec:active-type>AuthenticatedUser</sec:active-type>
</sec:authentication-provider>
<sec:authentication-provider xmlns:ext="http://xmlns.oracle.com/weblogic/security/extension" xsi:type="ext:as400-realmType">
<sec:name>AS400Realm</sec:name>
<sec:control-flag>OPTIONAL</sec:control-flag>
</sec:authentication-provider>
<sec:role-mapper xmlns:xac="http://xmlns.oracle.com/weblogic/security/xacml" xsi:type="xac:xacml-role-mapperType"></sec:role-mapper>
<sec:authorizer xmlns:xac="http://xmlns.oracle.com/weblogic/security/xacml" xsi:type="xac:xacml-authorizerType"></sec:authorizer>
<sec:adjudicator xsi:type="wls:default-adjudicatorType"></sec:adjudicator>
<sec:credential-mapper xsi:type="wls:default-credential-mapperType"></sec:credential-mapper>
<sec:cert-path-provider xsi:type="wls:web-logic-cert-path-providerType"></sec:cert-path-provider>
<sec:cert-path-builder>WebLogicCertPathProvider</sec:cert-path-builder>
<sec:user-lockout-manager>
<sec:lockout-enabled>false</sec:lockout-enabled>
</sec:user-lockout-manager>
<sec:deploy-role-ignored>false</sec:deploy-role-ignored>
<sec:deploy-policy-ignored>false</sec:deploy-policy-ignored>
<sec:security-dd-model>DDOnly</sec:security-dd-model>
<sec:name>myrealm</sec:name>
<sec:password-validator xmlns:pas="http://xmlns.oracle.com/weblogic/security/providers/passwordvalidator" xsi:type="pas:system-password-validatorType">
<sec:name>SystemPasswordValidator</sec:name>
<pas:min-password-length>8</pas:min-password-length>
<pas:min-numeric-or-special-characters>1</pas:min-numeric-or-special-characters>
</sec:password-validator>
</realm>
<default-realm>myrealm</default-realm>
<credential-encrypted>{AES}kyVB/9J9Fbvp11tAnYgn6grV6wQwNZZGHSh2JLQtesxS46Re+QCfIAttNE5JugllQvUHOhE+pz0AnEfYL2p5q2oeRsjqoQz2/1Lg8x+3WMoKic0xnRzw2RWoFjQo3F9x</credential-encrypted>
<node-manager-username>weblogic</node-manager-username>
<node-manager-password-encrypted>{AES}4jkSbv5dMOl6cRpRa4QwB83XVavtq168cV4L+NSFDcI=</node-manager-password-encrypted>
<cross-domain-security-enabled>true</cross-domain-security-enabled>
</security-configuration>
<server>
<name>AdminServer</name>
<listen-address>localhost</listen-address>
<staging-mode>nostage</staging-mode>
</server>
<embedded-ldap>
<name>base_domain</name>
<credential-encrypted>{AES}9YeG1UFRNQzM0v6/j8cFvT9x9fkJUl1FJOWGInl5dax26FgMNEVwKNxOBHvW2opm</credential-encrypted>
</embedded-ldap>
<configuration-version>12.1.1.0</configuration-version>
this is the mbean xml (A400Realmmbean.xml):
<?xml version="1.0" ?>
<!DOCTYPE MBeanType SYSTEM "commo.dtd">
<MBeanType Name = "AS400Realm" DisplayName = "AS400Realm"
Package = "co.com.claro.security"
Extends = "weblogic.management.security.authentication.Authenticator"
PersistPolicy = "OnUpdate"
>
<MbeanAttribute Name = "ProviderClassName" Type = "java.lang.String"
Writeable = "false"
Default =
""co.com.claro.AS400Realm""
/>
<MBeanAttribute Name = "Description" Type = "java.lang.String"
Writeable = "false" Default = ""My Identity Assertion Provider""
/>
<MBeanAttribute Name = "Version" Type = "java.lang.String"
Writeable = "false" Default = ""1.0""
/>
</MBeanType>
and the runtime class:
AS400Realm.java:
* To change this template, choose Tools | Templates
* and open the template in the editor.
package co.com.claro.security;
import java.util.HashMap;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import weblogic.management.security.ProviderMBean;
import weblogic.security.provider.PrincipalValidatorImpl;
import weblogic.security.spi.AuthenticationProviderV2;
import weblogic.security.spi.IdentityAsserterV2;
import weblogic.security.spi.PrincipalValidator;
import weblogic.security.spi.SecurityServices;
import weblogic.security.principal.WLSGroupImpl;
import weblogic.security.principal.WLSUserImpl;
public final class AS400Realm implements AuthenticationProviderV2
private String description;
// private SimpleSampleAuthenticatorDatabase database;
private LoginModuleControlFlag controlFlag;
// public String PARAM_JAAS_CONTEXT = "jaas-context";
// public String PARAM_DATASOURCE_NAME = "jdbc/Oracle";
// public String DEFAULT_GROUP_NAME = "default";
public void initialize(ProviderMBean mbean, SecurityServices services)
System.out.println("AS400Realm.initialize");
AS400RealmMBean myMBean = (AS400RealmMBean)mbean;
description = myMBean.getDescription() + "\n" + myMBean.getVersion();
// database = new SimpleSampleAuthenticatorDatabase(myMBean);
String flag = myMBean.getControlFlag();
if (flag.equalsIgnoreCase("REQUIRED")) {
controlFlag = LoginModuleControlFlag.REQUIRED;
} else if (flag.equalsIgnoreCase("OPTIONAL")) {
controlFlag = LoginModuleControlFlag.OPTIONAL;
} else if (flag.equalsIgnoreCase("REQUISITE")) {
controlFlag = LoginModuleControlFlag.REQUISITE;
} else if (flag.equalsIgnoreCase("SUFFICIENT")) {
controlFlag = LoginModuleControlFlag.SUFFICIENT;
} else {
throw new IllegalArgumentException("invalid flag value" + flag);
public String getDescription()
return description;
public void shutdown()
System.out.println("AS400Realm.shutdown");
private AppConfigurationEntry getConfiguration(HashMap options)
options.put("PARAM_DATASOURCE_NAME", "jdbc/Oracle");
return new
AppConfigurationEntry(
"co.com.claro.security.AS400LoginModule",
controlFlag,
options
public AppConfigurationEntry getLoginModuleConfiguration()
HashMap options = new HashMap();
return getConfiguration(options);
public AppConfigurationEntry getAssertionModuleConfiguration()
HashMap options = new HashMap();
options.put("IdentityAssertion","true");
return getConfiguration(options);
public PrincipalValidator getPrincipalValidator()
return new PrincipalValidatorImpl();
public IdentityAsserterV2 getIdentityAsserter()
return null;
AS400LoginModule.java :
* To change this template, choose Tools | Templates
* and open the template in the editor.
package co.com.claro.security;
import com.ibm.as400.access.AS400;
import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Enumeration;
import java.util.Map;
import java.util.Vector;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.spi.LoginModule;
import javax.sql.DataSource;
import weblogic.security.spi.WLSGroup;
import weblogic.security.spi.WLSUser;
import weblogic.security.principal.WLSGroupImpl;
import weblogic.security.principal.WLSUserImpl;
* @author dmunoz
final public class AS400LoginModule implements LoginModule {
private Subject subject;
private CallbackHandler callbackHandler;
private String PARAM_DATASOURCE_NAME = "jdbc/Oracle";
private String DEFAULT_GROUP_NAME = "default";
// Determine whether this is a login or assert identity
private boolean isIdentityAssertion;
// Authentication status
private boolean loginSucceeded;
private boolean principalsInSubject;
private Vector principalsForSubject = new Vector();
public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
// only called (once!) after the constructor and before login
System.out.println("SimpleSampleLoginModuleImpl.initialize");
this.subject = subject;
this.callbackHandler = callbackHandler;
// Check for Identity Assertion option
isIdentityAssertion =
"true".equalsIgnoreCase((String) options.get("IdentityAssertion"));
private boolean authenticateAS400(String user, String passwd) throws Exception {
String host ="172.31.2.80";//Config.getProperty(Config.AS400_AUTHENTICATION_HOST);
AS400 as400System;
as400System = new AS400(host, user, passwd);
return as400System.validateSignon();
public boolean login() throws LoginException {
// only called (once!) after initialize
System.out.println("SimpleSampleLoginModuleImpl.login");
// loginSucceeded should be false
// principalsInSubject should be false
Callback[] callbacks = getCallbacks();
String userName = getUserName(callbacks);
if (userName.length() > 0) {
if (!isIdentityAssertion) {
String passwordHave = getPasswordHave(userName, callbacks);
try{
loginSucceeded = authenticateAS400(userName, passwordHave);
}catch(Exception e){
Logger.getLogger(AS400LoginModule.class.getName()).log(Level.WARNING, null, e);
throw new LoginException(e.getMessage());
} else {
// anonymous login - let it through?
System.out.println("\tempty userName");
if (loginSucceeded) {
principalsForSubject.add(new WLSUserImpl(userName));
addGroupsForSubject(userName);
return loginSucceeded;
public boolean commit() throws LoginException {
// only called (once!) after login
// loginSucceeded should be true or false
// principalsInSubject should be false
// user should be null if !loginSucceeded, null or not-null otherwise
// group should be null if user == null, null or not-null otherwise
System.out.println("SimpleSampleLoginModule.commit");
if (loginSucceeded) {
subject.getPrincipals().addAll(principalsForSubject);
principalsInSubject = true;
return true;
} else {
return false;
public boolean abort() throws LoginException {
// The abort method is called to abort the authentication process. This is
// phase 2 of authentication when phase 1 fails. It is called if the
// LoginContext's overall authentication failed.
// loginSucceeded should be true or false
// user should be null if !loginSucceeded, otherwise null or not-null
// group should be null if user == null, otherwise null or not-null
// principalsInSubject should be false if user is null, otherwise true
// or false
System.out.println("SimpleSampleLoginModule.abort");
if (principalsInSubject) {
subject.getPrincipals().removeAll(principalsForSubject);
principalsInSubject = false;
return true;
public boolean logout() throws LoginException {
// should never be called
System.out.println("SimpleSampleLoginModule.logout");
return true;
private void throwLoginException(String msg) throws LoginException {
System.out.println("Throwing LoginException(" + msg + ")");
throw new LoginException(msg);
private void throwFailedLoginException(String msg) throws FailedLoginException {
System.out.println("Throwing FailedLoginException(" + msg + ")");
throw new FailedLoginException(msg);
private Callback[] getCallbacks() throws LoginException {
if (callbackHandler == null) {
throwLoginException("No CallbackHandler Specified");
Callback[] callbacks;
if (isIdentityAssertion) {
callbacks = new Callback[1];
} else {
callbacks = new Callback[2];
callbacks[1] = new PasswordCallback("password: ", false);
callbacks[0] = new NameCallback("username: ");
try {
callbackHandler.handle(callbacks);
} catch (IOException e) {
throw new LoginException(e.toString());
} catch (UnsupportedCallbackException e) {
throwLoginException(e.toString() + " " + e.getCallback().toString());
return callbacks;
private String getUserName(Callback[] callbacks) throws LoginException {
String userName = ((NameCallback) callbacks[0]).getName();
if (userName == null) {
throwLoginException("Username not supplied.");
System.out.println("\tuserName\t= " + userName);
return userName;
private void addGroupsForSubject(String userName) {
try {
for (Enumeration e = getGroupNamesAS400(userName);
e.hasMoreElements();) {
String groupName = (String) e.nextElement();
System.out.println("\tgroupName\t= " + groupName);
principalsForSubject.add(new WLSGroupImpl(groupName));
} catch (Exception ex) {
Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
public Enumeration getGroupNamesAS400(String usuario)
throws Exception {
if(usuario == null) {
throw new Exception("Usuario no puede ser vacio");
Vector<String> grupos = new Vector<String>();
grupos.add(DEFAULT_GROUP_NAME);
Connection conn = null;
ResultSet rs = null;
PreparedStatement statement = null;
try {
Context c = new InitialContext();
DataSource dst = (DataSource) c.lookup(PARAM_DATASOURCE_NAME);
conn = dst.getConnection();
String query = "SELECT COD_ROL AS ROL " +
"FROM gestionnew.us_rol_perfil " +
"JOIN gestionnew.usuarios " +
"ON us_rol_perfil.id_perfil = usuarios.id_perfil " +
"WHERE upper(usuarios.usuariorr) = ?";
statement = conn.prepareStatement(query);
statement.setString(1, usuario.toUpperCase());
rs = statement.executeQuery();
while (rs.next()) {
grupos.add(rs.getString("ROL"));
} catch (SQLException ex) {
Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
} catch (NamingException ex) {
Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
} finally {
if (conn != null) {
try {
conn.close();
} catch (SQLException ex) {
Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
if (rs != null) {
try {
rs.close();
} catch (SQLException ex) {
Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
if (statement != null) {
try {
statement.close();
} catch (SQLException ex) {
Logger.getLogger(AS400LoginModule.class.getName()).log(Level.SEVERE, null, ex);
return grupos.elements();
private String getPasswordHave(String userName, Callback[] callbacks) throws
LoginException {
PasswordCallback passwordCallback = (PasswordCallback) callbacks[1];
char[] password = passwordCallback.getPassword();
passwordCallback.clearPassword();
if (password == null || password.length < 1) {
throwLoginException("Authentication Failed: User " + userName +
". Password not supplied");
String passwd = new String(password);
System.out.println("\tpasswordHave\t= " + passwd);
return passwd;
thanks

OpenLDAP authentication provider with CA LDAP server

Hi,
I am trying to get authentication to work using an OpenLDAP AP connecting to CA LDAP server (formerly eTrust LDAP server). I am at the point where the bind is successful, the user account is authenticated in LDAP, but I am unable to retrieve the group information.
Here is the error for the group lookup:
####<Apr 8, 2013 9:48:33 AM CDT> <Debug> <SecurityAtn> <EPMDOWCS8> <ms1> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <01f9ee928bc01ecd:275c5c34:13dea1201e3:-7ffd-000000000000021d> <1365432513554> <BEA-000000> <[Security:090278]Error listing member groups myACID>
This is the final error, presumably because the group lookup failed:
####<Apr 8, 2013 9:48:33 AM CDT> <Debug> <SecurityAtn> <EPMDOWCS8> <ms1> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <01f9ee928bc01ecd:275c5c34:13dea1201e3:-7ffd-000000000000021d> <1365432513554> <BEA-000000> <javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User myACID denied
     at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:229)
     at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
     at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:597)
     at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
     at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
     at javax.security.auth.login.LoginContext$4.run(LoginContext.java:684)
     at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
     at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
     at com.bea.common.security.internal.service.JAASLoginServiceImpl.login(JAASLoginServiceImpl.java:113)
The CA LDAP server is pointed to a Top Secret database, so the attribute names are atypical as far as directory services objects are concerned. I've tried modifying the group and static group information to search both groups and profiles, but both fail. I've also tried omitting the static group information, and specifying dynamic group info, but that failed as well.
Here is the search it is running:
(&(memberOf=tssacid=myACID,tssadmingrp=acids,host=ourdevsysid,o=our.ORG)(objectclass=tssprofile))
Here the is the group based DN: tssadmingrp=profiles,host=ourdevsysid,o=our.org
The group search scope is subtree. I tried unlimited, and a limited of 2 levels.
If I execute the filtered search using a third party tool (JXplorer), I receive this error:
javax.naming.NamingException: [LDAP: error code 80 - LDP2900E Unknown attribute, , in filter string]; remaining name 'tssadmingrp=profiles,host=ourdevsysid,o=our.org'
     at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3085)
     at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
     at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2794)
     at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1826)
     at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1749)
     at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)
     at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:338)
     at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:257)
     at com.ca.commons.jndi.JNDIOps.rawSearch(JNDIOps.java:1192)
     at com.ca.commons.jndi.JNDIOps.rawSearchSubTree(JNDIOps.java:1039)
     at com.ca.commons.naming.DXOps.rawSearchSubTree(DXOps.java:343)
     at com.ca.commons.jndi.JNDIOps.searchSubTree(JNDIOps.java:1030)
     at com.ca.directory.jxplorer.broker.JNDIDataBroker.unthreadedSearch(JNDIDataBroker.java:772)
     at com.ca.directory.jxplorer.broker.DataBroker.doSearchQuery(DataBroker.java:485)
     at com.ca.directory.jxplorer.broker.DataBroker.processRequest(DataBroker.java:253)
     at com.ca.directory.jxplorer.broker.JNDIDataBroker.processRequest(JNDIDataBroker.java:376)
     at com.ca.directory.jxplorer.broker.DataBroker.processQueue(DataBroker.java:200)
     at com.ca.directory.jxplorer.broker.JNDIDataBroker.processQueue(JNDIDataBroker.java:883)
     at com.ca.directory.jxplorer.broker.DataBroker.run(DataBroker.java:165)
     at java.lang.Thread.run(Thread.java:662)
When I execute that same search in JXplorer directly on one of the profile objects (e.g. tssprofile=@oneofourprofiles,tssadmingrp=profiles,host=a12sysid,o=tgslc.org), it runs successfully.
Here is an old post. Seems the op encountered the same problem I did.
authentication provider for CA eTrust LDAP server
Anyone work with these technologies in a past life?
Thanks,
Rob

Are you able to see the users in weblogic?Not for this AP. I have a ReadOnly SQL authenticator as well. I am able to see users for that, and for the Default Authenticator.
Have you assigned admin roles to the user in weblogic?No. I do not intend to do that, and I don't believe I am required to do that.
is the group base dn properly configured?Yes.

Workshop 8.1 Calling EJB from Custom Authentication Provider

I am writing a custom authentication provider that runs on Weblogic Server 8.1 and also on Workshop 8.1. Everything is packaged into a jar file that I put into the mbeantypes directory. From the authentication provider I want to get an EJB home that is on another Weblogic 8.1 server.
Loading the home from the Weblogic server works great. But in Workshop I get a ClassCastException from the PortableRemoteObject.narrow() call.
This happens in Workshop even if I remove all my application jar files, so I am left with nothing but the startup classpath and the files in the mbeantypes directory. That is, I don't have any classes in two directories.
When I look at the class that I actually get back from the call to context.lookup( jndiName ), I get the same stub class back on the Weblogic Server and on the Workshop server. But only on Workshop do I have this casting problem.
Any ideas?
Thanks,
Mark

Issue has been resolved.
The reason I've forgotten about Value Object that is being returned by Remoute method to put them into classpath of Authenticator Provider

Delete Authenticator Provider with WLST

Hi,
I need to change an authentication provider for a newer one with a WLST script. Both providers have the same name.
I found the createAuthenticationProvider method to add the new provider, but I find no way to delete the previous provider before adding the new. If I try to add new provider without removing the older returns an "alredy exists" error.
Is there a WLST method to delete an authentication provider?
Thank you.

Ok... I have found the solution myself...
There is a method called "destroyAuthenticationProvider".
name = 'Authenticator';
cd('/SecurityConfiguration/' + domainName + '/Realms/' + realmName);
auth = cmo.lookupAuthenticationProvider(name);
cmo.destroyAuthenticationProvider(auth);
Reference: http://docs.oracle.com/cd/E14571_01/apirefs.1111/e13945/weblogic/management/security/authentication/class-use/AuthenticationProviderMBean.html

Siteminder authentication provider ,weblogic 8.1 startup error

Similar Messages

Maybe you are looking for