Unable to use a custom security realm with Netscape Directory Server in WebLogic 7

I have all users and groups stored in a Netscape LDAP server (version 4.1.6 on
Solaris 8), so I want to create a custom security realm in WebLogic 7 (also run
on Solaris 8) which uses my LDAP server as the Authenticator. I tried this by
using the Admin Console and followed exactly the steps in Chapter 3 of the "Managing
WebLogic Security" doc. However, when I rebooted WebLogic and logged into the
Admin Console again and clicked the Users node under my custom realm, I saw this
message in the right-hand pane: "There are no Authentication providers available
that support the creation of Users". Also, I don't see my custom realm in the
dropdown list under mydomain -> Security tab -> General tab -> Default Realm.
What did I do wrong? Also, where does WebLogic store the custom security realm
info? It is definitely not in config.xml.
Thanks,
Eric Ma

Thanks for the info.
I wonder when they will fix it.
Jakub
U¿ytkownik "Eric Ma" <[email protected]> napisa³ w wiadomo¶ci
news:[email protected]..
>
According to BEA Tech Support, a known bug prevents the WLS 7 AdminConsole from
displying users and groups defined in Netscape Directory Server.
Eric Ma
"Jakub Wroniszewski" <[email protected]> wrote:
I have the same problem.
Any new ideas?
Rgds,
Jakub
U¿ytkownik "Eric Ma" <[email protected]> napisa³ w wiadomo¶ci
news:[email protected]..
Now I doubt my custom security realm is actually using the NetscapeDirectory Server
as the authenticator. Unlike in WebLogic 6.1 Admin Console, whereclicking on
the Users node displays all users in the LDAP server, in WebLogic 7I keep
getting
the message "There are no Authentication providers available that
support
the
creation of Users." Any suggestions?
"Eric Ma" <[email protected]> wrote:
Never mind. I tried again by following the steps outlined at
http://newsgroups.bea.com/cgi-bin/dnewsweb?cmd=article&group=weblogic.deve
l
oper.interest.security&item=8463&utag=
and it seemed to have worked for me.
"Eric Ma" <[email protected]> wrote:
I have all users and groups stored in a Netscape LDAP server (version
4.1.6 on
Solaris 8), so I want to create a custom security realm in WebLogic7
(also run
on Solaris 8) which uses my LDAP server as the Authenticator. I
tried
this by
using the Admin Console and followed exactly the steps in Chapter3
of
the "Managing
WebLogic Security" doc. However, when I rebooted WebLogic and logged
into the
Admin Console again and clicked the Users node under my custom realm,
I saw this
message in the right-hand pane: "There are no Authentication
providers
available
that support the creation of Users". Also, I don't see my customrealm
in the
dropdown list under mydomain -> Security tab -> General tab ->
Default
Realm.
What did I do wrong? Also, where does WebLogic store the customsecurity
realm
info? It is definitely not in config.xml.
Thanks,
Eric Ma

Similar Messages

Weblogic Integration with Netscape Directory Server - Help URGENT

Prashant,
Yes, I did. Did you copy the ldaprealm.properties to the same place as where
your weblogic.properties is located by default. The original sample file is
located in examples/....directory. After your changes are made copy the file
to c:/weblogic directory.
Hope this helps.
-Sunil .K
Prashanth <[email protected]> wrote in message
news:[email protected]...
Hi,
Can anyone who's tried using the LDAPRealm to talk to Netscape Directory
Server 4.1tell me exactly what are the steps that one needs to follow toset
this up:
1. Changes in the ldaprealm.properties file
2. Changes in the weblogic.properties file
3. Changes on NDS side, if any
Erorr I am getting:
Thu Jun 29 10:24:53 EDT 2000: <System Props> weblogic.class.path =
d:\weblogi
c\lib\weblogic510sp3.jar;d:\weblogic\license;d:\weblogic\classes;d:\weblogic
\mys
erver\serverclasses;d:\weblogic\lib\weblogicaux.jar
Thu Jun 29 10:24:53 EDT 2000: <System Props> weblogic.system.home =
d:\weblog
ic
Thu Jun 29 10:24:53 EDT 2000: <WebLogicServer> Loaded License :
D:/weblogic/l
icense/WebLogicLicense.xml
Thu Jun 29 10:24:53 EDT 2000: <WebLogicServer> Server loading from
weblogic.c
lass.path. EJB redeployment enabled.
java.io.FileNotFoundException: ldaprealm.properties (The system cannotfind
the
file specified)
at java.io.FileInputStream.open(Native Method)
at java.io.FileInputStream.<init>(FileInputStream.java, Compiled
Code)
at
weblogic.security.internal.RealmProperties.getProperties(RealmPropert
ies.java:37)
at
weblogic.security.internal.RealmProperties.<init>(RealmProperties.jav
a:20)
at
weblogic.security.ldaprealm.LDAPDelegate.configureProps(LDAPDelegate.
java:78)
at
weblogic.security.ldaprealm.LDAPDelegate.<init>(LDAPDelegate.java:198
at weblogic.security.ldaprealm.LDAPRealm.<init>(LDAPRealm.java:35)
at java.lang.Class.newInstance0(Native Method)
at java.lang.Class.newInstance(Class.java:241)
at weblogic.security.acl.Realm.getRealm(Realm.java:79)
at weblogic.security.acl.Realm.getRealm(Realm.java:57)
at weblogic.t3.srvr.T3Srvr.initializeSecurity(T3Srvr.java:1744)
at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java, Compiled Code)
at weblogic.t3.srvr.T3Srvr.main(T3Srvr.java:825)
at java.lang.reflect.Method.invoke(Native Method)
at weblogic.Server.startServerDynamically(Server.java:99)
at weblogic.Server.main(Server.java:65)
at weblogic.Server.main(Server.java:55)
at weblogic.NTServiceHelper.run(NTServiceHelper.java:19)
at java.lang.Thread.run(Thread.java:479)
--------------- nested within: ------------------
weblogic.security.ldaprealm.LDAPException: ldaprealm.properties notfound -
with
nested exception:
[java.io.FileNotFoundException: ldaprealm.properties (The system cannot
find> the> file specified)
at
weblogic.security.ldaprealm.LDAPDelegate.configureProps(LDAPDelegate.
java:82)
at
weblogic.security.ldaprealm.LDAPDelegate.<init>(LDAPDelegate.java:198
at weblogic.security.ldaprealm.LDAPRealm.<init>(LDAPRealm.java:35)
at java.lang.Class.newInstance0(Native Method)
at java.lang.Class.newInstance(Class.java:241)
at weblogic.security.acl.Realm.getRealm(Realm.java:79)
at weblogic.security.acl.Realm.getRealm(Realm.java:57)
at weblogic.t3.srvr.T3Srvr.initializeSecurity(T3Srvr.java:1744)
at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java, Compiled Code)
at weblogic.t3.srvr.T3Srvr.main(T3Srvr.java:825)
at java.lang.reflect.Method.invoke(Native Method)
at weblogic.Server.startServerDynamically(Server.java:99)
at weblogic.Server.main(Server.java:65)
at weblogic.Server.main(Server.java:55)
at weblogic.NTServiceHelper.run(NTServiceHelper.java:19)
at java.lang.Thread.run(Thread.java:479)
The WebLogic Server did not start up properly.
Exception raised: java.lang.reflect.InvocationTargetException
java.lang.reflect.InvocationTargetException: java.lang.IllegalAccessError:
weblo
gic.security.ldaprealm.LDAPException: ldaprealm.properties not found -with
nest
ed exception:
[java.io.FileNotFoundException: ldaprealm.properties (The system cannot
find> the> file specified)
at weblogic.security.acl.Realm.getRealm(Realm.java:86)
at weblogic.security.acl.Realm.getRealm(Realm.java:57)
at weblogic.t3.srvr.T3Srvr.initializeSecurity(T3Srvr.java:1744)
at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java, Compiled Code)
at weblogic.t3.srvr.T3Srvr.main(T3Srvr.java:825)
at java.lang.reflect.Method.invoke(Native Method)
at weblogic.Server.startServerDynamically(Server.java:99)
at weblogic.Server.main(Server.java:65)
at weblogic.Server.main(Server.java:55)
at weblogic.NTServiceHelper.run(NTServiceHelper.java:19)
at java.lang.Thread.run(Thread.java:479)
java.lang.IllegalAccessError: weblogic.security.ldaprealm.LDAPException:
ldaprea
lm.properties not found - with nested exception:
[java.io.FileNotFoundException: ldaprealm.properties (The system cannot
find> the> file specified)
at weblogic.security.acl.Realm.getRealm(Realm.java:86)
at weblogic.security.acl.Realm.getRealm(Realm.java:57)
at weblogic.t3.srvr.T3Srvr.initializeSecurity(T3Srvr.java:1744)
at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java, Compiled Code)
at weblogic.t3.srvr.T3Srvr.main(T3Srvr.java:825)
at java.lang.reflect.Method.invoke(Native Method)
at weblogic.Server.startServerDynamically(Server.java:99)
at weblogic.Server.main(Server.java:65)
at weblogic.Server.main(Server.java:55)
at weblogic.NTServiceHelper.run(NTServiceHelper.java:19)
at java.lang.Thread.run(Thread.java:479)
WebLogic Server terminated with an abnormal condition of 1
Hit return to continue...>>>>>>>>>

Errors encountered while using a Custom Security Realm on a Platform Domain

Hi,
We have created a WebLogic Platform Domain. A WebLogic Portal application(Portal
7.0) and some Web Service apps are running on this domain.
We have created a Custom Security Realm b'cos of our application requirements
and now when I startup the Platform Domain, I see lot of errors.
Some of the errors typically are
"<Jan 16, 2003 4:07:02 PM EST> <Error> <HTTP> <101256> <The run-as user: wlisystem,
for the servlet: ApplicationView for the webapp: /WLI_AI_Workshop_Control_Web,
could not be resolved to a valid user in the system. Please check if the user
exists.
javax.security.auth.login.LoginException: Authentication Failed: User wlisystem
denied in Realm Adapter realm weblogic"
or
Unable to deploy EJB: wlai-eventprocessor-ejb.jar from wlai-eventprocessor-ejb.jar:weblogic.ejb20.WLDeploymentException:
weblogic.ejb20.interfaces.PrincipalNotFoundException: Authentication Failed: User
wlisystem denied in Realm Adapter realm weblogic
Do we have to create any predefined user accounts in the Security Store to get
rid of these errors. I would appreciate if anyone can suggest some tips or workarounds
for configuring or creating a Custom Security Realm for Web Logic Platform Domain.
Thanks
Vikram

Hello Vikram,
Are you using the new WLS 7.0 security framework? It is not supported for
Portal 7.0. For Portal 7.0 apps you have to use compatibility mode (6.x
style) security.
Ture Hoefner
BEA Systems, Inc.
www.bea.com
"Vikram Datla" <[email protected]> wrote in message
news:3e273015$[email protected]..
>
Hi,
We have created a WebLogic Platform Domain. A WebLogic Portalapplication(Portal
7.0) and some Web Service apps are running on this domain.
We have created a Custom Security Realm b'cos of our applicationrequirements
and now when I startup the Platform Domain, I see lot of errors.
Some of the errors typically are
"<Jan 16, 2003 4:07:02 PM EST> <Error> <HTTP> <101256> <The run-as user:wlisystem,
for the servlet: ApplicationView for the webapp:/WLI_AI_Workshop_Control_Web,
could not be resolved to a valid user in the system. Please check if theuser
exists.
javax.security.auth.login.LoginException: Authentication Failed: Userwlisystem
denied in Realm Adapter realm weblogic"
or
Unable to deploy EJB: wlai-eventprocessor-ejb.jar fromwlai-eventprocessor-ejb.jar:weblogic.ejb20.WLDeploymentException:
weblogic.ejb20.interfaces.PrincipalNotFoundException: AuthenticationFailed: User
wlisystem denied in Realm Adapter realm weblogic
Do we have to create any predefined user accounts in the Security Store toget
rid of these errors. I would appreciate if anyone can suggest some tips orworkarounds
for configuring or creating a Custom Security Realm for Web Logic PlatformDomain.
>
Thanks
Vikram

Are there any known issues concerning using DIGEST-MD5 SASL authentication with iPlanet Directory Server 5.0 on Windows NT 4.0?

I am developing support for the DIGEST-MD5 sasl mechnism on a c-ldap client. I am using the evaluation version of the iPlanet Directory Server 5.0 which lists DIGEST-MD5 as a supported SASL mechanism. The server is running on NT 4.0 After installing the Directory Server with the test database, a changed the passwordStorageScheme from the default of SSHA to clear text. I then added my test user. When I run my test I always get back a resultCode of 49 (invalidCredentials). The digest-challenge I receive from the server and my digest-response are shown below. I have satisfied myself that the calculation of the response directive in the digest response is correct. Does anyone see any problems in the digest response or have any other suggestions? Is there a known problem with the iPlanet Directory Server 5.0?
digest-challenge:
realm="BGB2.ndp.provo.novell.com",nonce="Ed8UPLXsWaC6CN",qop="auth",algorithm=md5-sess,charset=utf-8
digest-response:
username="uid=bgbrown,ou=people,dc=siroe,dc=com",realm="BGB2.ndp.provo.novell.com",cnonce="A9IuPJKr30RiwL",nc=00000001,qop=auth,digest-uri="ldap/BGB2.ndp.provo.novell.com",response=97061205298e5ebaf206c8ac3598fdce,charset=utf-8,nonce="Ed8UPLXsWaC6CN"

Found the answer. When the username is an LDAP DN it needs to be proceeded by "dn:".
example: username="dn:uid=bgbrown,ou=people,dc=siroe,dc=com"
The server also accepts a simple uid value.
example: username="bgbrown"

One custom security realm for many wl servers?

Is it possible to use one custom security realm for many weblogic servers...ie
one login for all application on different weblogic server.

Is it possible to use one custom security realm for many weblogic servers...ie
one login for all application on different weblogic server.

Using LDAP as security realm

Hi,
Our goal is to use LDAP(Iplanet Directory Server 5.0) as a security Realm
for Weblogic Personalization and Commerce 3.5.
Using the WLCS console, I've modified the config.xml file and following
elements are added:
<LDAPRealm AuthProtocol='simple' Credential='admin'
GroupDN='ou=groups,dc=netnumina,dc=com' GroupIsContext='false'
GroupUsernameAttribute='uniquemember'
LDAPURL='ldap://sanand.netnumina.com:389' Name='wlcsLDAPRealm'
Principal='uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot'
UserAuthentication='local' UserDN='ou=people,dc=netnumina,dc=com'
UserNameAttribute='uid'/>
<CachingRealm BasicRealm='wlcsLDAPRealm' CacheCaseSensitive='true'
Name='wlcsCachingRealm'/>
But when we try to restart the WLCS, it throws java exceptions that context
is not initialized and I get the following error
<Jun 15, 2001 3:41:28 PM EDT> <Emergency> <Server> <Unable to initialize the
ser
ver: 'Fatal initialization exception
Throwable: weblogic.security.ldaprealm.LDAPException: could not get
context - wi
th nested exception:
[java.lang.reflect.InvocationTargetException - with target exception:
[javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid
Credential
s]]]
weblogic.security.ldaprealm.LDAPException: could not get context - with
nested e
xception:
I tried using Windows NT as a security realm but that gave me errors too.
Does anyone has any experience using anything other than the default Realm?
Any help would be appreciated. Thanks!
Asim Raja
[email protected]

I'm not sure, but I suspect you can't
since this would create a circular dependency -
your realm would rely on the upper level security
checking calls but those calls would rely on your
realm.
My suggestion is to give it a try and see what
happens.
-Tom
Ozcan ADIYAMAN <[email protected]> wrote:
Hi ,
I am implementing a simple custom security realm using LDAP as the
security store and I can see the users, groups and acls from the admin
console.
My question is (a custom realm newbie question) ;
Is it possible to use weblogic.security.acl.Security with my custom
realm to check permissions, get the current user,etc.,
OR
is this class ONLY used with default realms (when ACL is stored in a
file) ?
Thanks
Ozcan

What is the best way to deploy/update custom security realm classes to WLS 6.0?

From the WLS 6.0 console, I see that I can specify the Java class that
implements my custom security realm but I am wondering what is the best way
to deploy/update this code. I don't see a way to do this from the console.
Does this mean that I have to manually copy the class files over that
implement my custom security realm?

Thanks Danut,
A jar file seems to be a good way to package it up but it sounds like it
still needs to be manually copied to each Weblogic server install directory
post-installation and whenever it is updated. I thought it would be nice to
be able to deploy/update the custom security realm by uploading it through
the Console just as you can with web applications and EJBs.
Brian
"Danut Prisacaru" <[email protected]> wrote in message
news:3aba2db0$[email protected]..
You have to have your Custom Realm class in the class path. I usually havea
jar file with all the Custom Realm classes and that jar I copy it in thelib
folder. Then I modify "startWebLogic.cmd" and I add to the classpath
".\lib\CustomRealm.jar"
set
CLASSPATH=.;.\lib\weblogic_sp.jar;.\lib\weblogic.jar;.\lib\CustomRealm.jar;
>
Be aware that in order to have you custom realm besides creating thecustom
realm using the console you also have to create a custom caching andchoose
that one as your default caching realm.
Here is how the security settings are looking in my "config.xml"
<CustomRealm Name="CustomRealm"
RealmClassName="Custom.appserver.weblogic.security.CustomRealm"/>
<CachingRealm BasicRealm="CustomRealm" CacheCaseSensitive="true"
Name="CustomCachingRealm"/>
<Realm CachingRealm="CustomCachingRealm" FileRealm="wl_default_file_realm"
Name="wl_default_realm"/>
<FileRealm Name="wl_default_file_realm"/>
<Security GuestDisabled="false"
Name="mydomain" PasswordPolicy="wl_default_password_policy"
Realm="wl_default_realm"/>
Danut

Accessing Custom Security Realm and NotOwnerException.

I have installed the RDBMS example security realm, which appears to work fine. However when I attempt to access this realm from a Servlet via Realm.getRealm("name") I get an NotOwnerException being thrown.
Ideas ?
regards,
Jeff.

We did something similar in a past project, and it turned out to be more of a mess than
it was worth it (not only the "chicken-egg" dilemma with system, guest, administrator
users, etc., but also with various lookup and threading issues.) We ended up ripping
out the code and writing a new one which does not use an EJB.
EJB are supposed to be written in terms of container services (which security being one
of the services the container provides) but in this scenario you'd be writing one of the
container services in terms of EJBs, so it "breaks" the proper layering.
In our case, we wanted to "encapsulate" our security code from Weblogic's propreitary
realm mechanism, at the end we still achieved without having to create a session bean
(sometimes regular Java classes work just fine) :-)
regards,
-Ade
"watscheck" <[email protected]> wrote in message news:[email protected]..
>
Hi,
i want to use a sessonEJB as my security store for the custom security realm in
weblogic server 6.1.
Has anyone experience with that?
First i have to pass all filerealm users through my custom realm (csr) because
it is not possible to authenticate the system and guest users before the sessionEJB
itself is loaded.
OK, but my problem is the authentication of the csr at the sessionEJB, which is
itself secured by method-permission in it's assemblydesciptor. So i have to get
an initialcontext with an authorized user for the sessionEJB an invoke all protected
methods with this principal.
But Bea WLS has a problem with propagating this user back to the actual application.
Is there a way that the application (web-app and ejbs) is not affected by the
authentification of the csr at the sessionEJB (security store)?
And is it right that the new initialcontext in the csr always overrides the bea
context and with that the servlet request of the web-app?
thanks in advance
watscheck

Purchased elements 12 in November 2013. Worked for a little while but since January have been unable to use it. Comes up with "Photoshop Elements 12 Editor has stopped working"

purchased photoshop elements 12 online in November 2013. worked for a little while but since January have been unable to use it. Comes up with "Photoshop Elements 12 Editor has stopped working"

Hi there CrossbowsandWings,
You may find the troubleshooting steps in the article below helpful.
Apple computers: Troubleshooting issues with video on internal or external displays
http://support.apple.com/kb/ht1573
-Griff W.

Problems in transforming XML to HTML using HP-UX with Netscape Enterprise Server 4.0 sp3

Hi,
Has anyone ever had any problem using XML in NES 4.0 sp3?
I'm using the libraries com.sun.xml.parser, com.sun.xml.tree, javax.xml.transform.
The html is being created but is not being returned.
(it is not showed in browser)
This same xml application works well in Solaris with Iplanet Web Server 4.1, but it is not working in HP-UX with Netscape Enterprise Server 4.0 sp3.
I'm entirely lost. I don't know if there is a bug in this version (NES 4.0) or if I need other xml libraries or it is a problem of JRE version.
Any comments will be appreciate.
Thanks

<BLOCKQUOTE>quote:<HR>Originally posted by Norbert Clavaux ([email protected]):
Hi,
Last year we built a complete new website, based on XML/XSL.
We assumed all browsers would cope with XSL by now, but that was far to optimistic.
Our company planned to launch the new site this december, but XSL is giving us some major problems:
*** All our customers are obliged to use Internet Explorer 4/5.x. Some don't like that at all: they stick to Netscape.
*** IE users have to download and install the MS-XSL parser. At our pilotsites this is giving a lot of trouble and frustration.
I heard that it is possible to do the parsing at the serverside, using XSLT, creating HTML.
HOW CAN WE INSTALL / IMPLEMENT THIS OPTION IN OUR CONFIGURATION?
(PL/SQL / IAS 9i / Sun Solaris / Oracle 8.1.2)
Thanks in advance,
Norbert Clavaux
Nederlandse Bibliotheek Dienst
The Netherlands<HR></BLOCKQUOTE>
You could use DB Prism / Cocoon CMS.
This CMS is built on top of Apache Cocoon Framework and DB Prism servlet engine.
This CMS stores the assets in the DB (CLOB) and applys the stylesheet at runtime.
If you need more information about this CMS look at is free.
This CMS builts the DB Prism web site at www.plenix.com/dbprism/
Best regards, Marcelo.

Weblogic server 5.1.0 with sp8 does not work with LDAP (Netscape Directory Server 4.12)

I have weblogic server 5.1.0 with the sp8 running on Windows NT server 4.0.
The weblogic server is configured to use LDAP realm (Netscape directory
server 4.12).
When I try to run weblogic server and I am getting the following errors:
The WebLogic Server did not start up properly.
Exception raised: java.lang.reflect.InvocationTargetException
java.lang.reflect.InvocationTargetException: java.lang.ExceptionInInitialize
or: weblogic.security.ldaprealm.LDAPRealmException: cannot connect to ldapse
without a principal to authenticate as
at weblogic.security.ldaprealm.LDAPDelegate.setupProperties(LDAPDele
.java, Compiled Code)
at weblogic.security.ldaprealm.LDAPDelegate.<clinit>(LDAPDelegate.ja
83)
at weblogic.security.ldaprealm.LDAPRealm.<init>(LDAPRealm.java:34)
at java.lang.Class.newInstance0(Native Method)
at java.lang.Class.newInstance(Class.java:241)
at weblogic.security.acl.Realm.getRealm(Realm.java:78)
at weblogic.security.acl.Realm.getRealm(Realm.java:56)
at weblogic.t3.srvr.T3Srvr.initializeSecurity(T3Srvr.java:1756)
at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java, Compiled Code)
at weblogic.t3.srvr.T3Srvr.main(T3Srvr.java:827)
at java.lang.reflect.Method.invoke(Native Method)
at weblogic.Server.startServerDynamically(Server.java:99)
at weblogic.Server.main(Server.java:65)
at weblogic.Server.main(Server.java:55)
java.lang.ExceptionInInitializerError: weblogic.security.ldaprealm.LDAPRealm
ption: cannot connect to ldapserver without a principal to authenticate as
at weblogic.security.ldaprealm.LDAPDelegate.setupProperties(LDAPDele
.java, Compiled Code)
at weblogic.security.ldaprealm.LDAPDelegate.<clinit>(LDAPDelegate.ja
83)
at weblogic.security.ldaprealm.LDAPRealm.<init>(LDAPRealm.java:34)
at java.lang.Class.newInstance0(Native Method)
at java.lang.Class.newInstance(Class.java:241)
at weblogic.security.acl.Realm.getRealm(Realm.java:78)
at weblogic.security.acl.Realm.getRealm(Realm.java:56)
at weblogic.t3.srvr.T3Srvr.initializeSecurity(T3Srvr.java:1756)
at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java, Compiled Code)
at weblogic.t3.srvr.T3Srvr.main(T3Srvr.java:827)
at java.lang.reflect.Method.invoke(Native Method)
at weblogic.Server.startServerDynamically(Server.java:99)
at weblogic.Server.main(Server.java:65)
at weblogic.Server.main(Server.java:55)
And here is the my ldaprealm.properties file
netscape.server.host=localhost
netscape.server.port=389
netscape.server.ssl=false
netscape.server.principal=uid=admin, ou=Administrators,
ou=TopologyManagement, o=NetscapeRoot
netscape.server.credential=password
netscape.user.dn=ou=People, o=towers.com
netscape.user.filter=(&(uid=%u)(objectclass=person))
netscape.group.dn=ou=Groups, o=towers.com
netscape.group.filter=(&(cn=%g)(objectclass=groupofuniquenames))
netscape.membership.filter=(&(uniquemember=%M)(objectclass=groupofuniquename
s))
By looking at the error message, it seems like the "server.principal" and
"server.credential" info is not correct.
But I was able to use the same Netscape Directory server with Welogic 5.1.0
with sp4, although the ldaprealm.properties file has somewhat different
format.
Did anyone have similar problems with sp8?
Thanks in advance for any suggestions.

BEA support just gave me the solution.
They told me to uncomment out the line
server.alias=netscape
in the ldaprealm.properties file
And I am able to start weblogic with my NIS
Thanks
"Enrique" <[email protected]> wrote in message
news:[email protected]...
>
Hi,
Have you try to remove the "system" user on the LDAP server?
Regards.
"Honghai Zhang" <[email protected]> wrote:
I have weblogic server 5.1.0 with the sp8 running on Windows NT server
4.0.
The weblogic server is configured to use LDAP realm (Netscape directory
server 4.12).
When I try to run weblogic server and I am getting the following errors:***************************************************************************
The WebLogic Server did not start up properly.
Exception raised: java.lang.reflect.InvocationTargetException
java.lang.reflect.InvocationTargetException:
java.lang.ExceptionInInitialize
or: weblogic.security.ldaprealm.LDAPRealmException: cannot connect toldapse
without a principal to authenticate as
atweblogic.security.ldaprealm.LDAPDelegate.setupProperties(LDAPDele
..java, Compiled Code)
atweblogic.security.ldaprealm.LDAPDelegate.<clinit>(LDAPDelegate.ja
83)
atweblogic.security.ldaprealm.LDAPRealm.<init>(LDAPRealm.java:34)
at java.lang.Class.newInstance0(Native Method)
at java.lang.Class.newInstance(Class.java:241)
at weblogic.security.acl.Realm.getRealm(Realm.java:78)
at weblogic.security.acl.Realm.getRealm(Realm.java:56)
at weblogic.t3.srvr.T3Srvr.initializeSecurity(T3Srvr.java:1756)
at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java, Compiled Code)
at weblogic.t3.srvr.T3Srvr.main(T3Srvr.java:827)
at java.lang.reflect.Method.invoke(Native Method)
at weblogic.Server.startServerDynamically(Server.java:99)
at weblogic.Server.main(Server.java:65)
at weblogic.Server.main(Server.java:55)
java.lang.ExceptionInInitializerError:weblogic.security.ldaprealm.LDAPRealm
ption: cannot connect to ldapserver without a principal to authenticate
as
atweblogic.security.ldaprealm.LDAPDelegate.setupProperties(LDAPDele
..java, Compiled Code)
atweblogic.security.ldaprealm.LDAPDelegate.<clinit>(LDAPDelegate.ja
83)
atweblogic.security.ldaprealm.LDAPRealm.<init>(LDAPRealm.java:34)
at java.lang.Class.newInstance0(Native Method)
at java.lang.Class.newInstance(Class.java:241)
at weblogic.security.acl.Realm.getRealm(Realm.java:78)
at weblogic.security.acl.Realm.getRealm(Realm.java:56)
at weblogic.t3.srvr.T3Srvr.initializeSecurity(T3Srvr.java:1756)
at weblogic.t3.srvr.T3Srvr.start(T3Srvr.java, Compiled Code)
at weblogic.t3.srvr.T3Srvr.main(T3Srvr.java:827)
at java.lang.reflect.Method.invoke(Native Method)
at weblogic.Server.startServerDynamically(Server.java:99)
at weblogic.Server.main(Server.java:65)
at weblogic.Server.main(Server.java:55)***************************************************************************
And here is the my ldaprealm.properties file////////////////////////////////////////////////////////////////////////////
netscape.server.host=localhost
netscape.server.port=389
netscape.server.ssl=false
netscape.server.principal=uid=admin, ou=Administrators,
ou=TopologyManagement, o=NetscapeRoot
netscape.server.credential=password
netscape.user.dn=ou=People, o=towers.com
netscape.user.filter=(&(uid=%u)(objectclass=person))
netscape.group.dn=ou=Groups, o=towers.com
netscape.group.filter=(&(cn=%g)(objectclass=groupofuniquenames))
netscape.membership.filter=(&(uniquemember=%M)(objectclass=groupofuniquename
s))////////////////////////////////////////////////////////////////////////////
By looking at the error message, it seems like the "server.principal" and
"server.credential" info is not correct.
But I was able to use the same Netscape Directory server with Welogic5.1.0
with sp4, although the ldaprealm.properties file has somewhat different
format.
Did anyone have similar problems with sp8?
Thanks in advance for any suggestions.

User provisioning with Sun Directory Server

I'm migrating from the internal user data store to external with Sun Directory Server as the LDAP backend and I'm unable to provision new users. I use unidssearch to list the unprovisioned accounts and it lists the user I'd like to provision. I then execute 'uniuser -user -add "DID=uid=testy,ou=People,dc=domain,dc=com" -n 10' which returns an Insufficient access right error. When I look at das.log I see the following entry...
DATE = Thu May 10 10:25:09 2007
PID = 440; TID = 1095888896
LOG TYPE -> DEBUG
FUNCTION NAME -> ctldap_CalUserUpdateByDirectoryId
dn: uid=testy,ou=People,dc=domain,dc=com
changetype: add
ctCalXItemId: 00010:00500
o: Domain Corporation
objectClass: ctCalUser
This entry tells me that uniuser is try to do an LDAP_ADD on an existing object in the directory when it should do a LDAP_MODIFY.
Does anyone know why this is?

the unidsacisetup(8) command can be used to add the ACI for Sun Directory server. The ACI it sets is a little to loose for my liking so I modified it slightly.
Original:
(target="ldap:///dc=domain,dc=com") (targetattr = "*") (version 3.0; acl "Calendar Administrators Group"; allow(all) groupdn = "ldap:///cn=OracleCalendarAdminGroup,ou=OracleCalendar,dc=domain,dc=com";)
Modified:
(target="ldap:///dc=domain,dc=com") (targetattr = "*") (version 3.0; acl "Calendar Administrators Group"; allow(read,write,compare) groupdn = "ldap:///cn=OracleCalendarAdminGroup,ou=OracleCalendar,dc=domain,dc=com";)

Problem with iPlanet Directory server v5.1

Hi all,
We have upgraded (parallel) from Netscape Directory server v4.2 to iPlanet Directory Server v5.1
Here are few issues that I�m experiencing.
1. In the directory view, all accounts are displayed by the user ID rather then the Common Name like it used to be with the Netscape Directory Server.
I can not find any options to change the view.
2. When searching for the user, once user is found, i can not do the right click to be able to delete the user. (was able to in the older version).
Any feedback will be greatly appreciated,
Thanks

I have a suggestion - try another means for administering your directory - use the console only for maintenance and tuning purposes. There are several products out there that are much better for day to day operations ...
Otherwise - I think with 5.1 the view is based on the rdn of the entries - and I am not sure it is customizable. Additionally I know 5.2 solved your second issue - maybe the latest SP of 5.1 has solved it as well - though I don't really know ...
-Chris Larivee

Instructions for OID to work with Netscape Directory

Where can I find instructions to give to a customer that shows step by step how to setup OID to work with Netscape Directory. Thank you.

Hi Sheree:
Make sure you check out our internal web site for OID. Lots of good information there about Directory Integration with other Server. If you have any questions after reading this let me know.
Thanks,
Jay
null

Using an alternate security realm

Hi,
I'm trying to configure the Weblogic Personalization & Personalization
Server v3.5 to use NT or LDAP as a security realm.
With LDAP, the server reboots properly but when I try to goto
http://localhost:7501/tools, it prompts me for password/userid and none of
the user accounts(including for weblogic and those in the LDAP) work.
When I try to configure for NT security realm and then I try to reboot the
server, I get the error message below.
Any help would be greatly appreciate. Thanks!
Asim
[email protected]
NT error message:
U n a b l e t o a d j u s t t o k e n p r i v i l e g e s
U n a b l e t o a d j u s t t o k e n p r i v i l e
g e
s
java.lang.SecurityException: Unable to assert all required
priviledges
at weblogic.security.ntrealm.NTDelegate.initFields(Native Method)
at weblogic.security.ntrealm.NTDelegate.loadlib(NTDelegate.java:218)
at weblogic.security.ntrealm.NTDelegate.<init>(NTDelegate.java:84)
at weblogic.security.ntrealm.NTRealm.<init>(NTRealm.java:42)
at java.lang.Class.newInstance0(Native Method)
at java.lang.Class.newInstance(Class.java:237)
at weblogic.security.acl.Realm.getRealm(Realm.java:84)
at weblogic.security.acl.Realm.getRealm(Realm.java:62)
at
weblogic.security.SecurityService.initializeRealm(SecurityService.jav
a:265)
at
weblogic.security.SecurityService.initialize(SecurityService.java:123
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:343)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
<Jun 19, 2001 1:58:10 PM EDT> <Emergency> <Server> <Unable to initialize the
ser
ver: 'Fatal initialization exception
Throwable: java.lang.IllegalAccessError: java.lang.SecurityException: Unable
to
assert all required priviledges -- bad domain name
java.lang.IllegalAccessError: java.lang.SecurityException: Unable to assert
all
required priviledges -- bad domain name

Hi,
I'm trying to configure the Weblogic Personalization & Personalization
Server v3.5 to use NT or LDAP as a security realm.
With LDAP, the server reboots properly but when I try to goto
http://localhost:7501/tools, it prompts me for password/userid and none of
the user accounts(including for weblogic and those in the LDAP) work.
When I try to configure for NT security realm and then I try to reboot the
server, I get the error message below.
Any help would be greatly appreciate. Thanks!
Asim
[email protected]
NT error message:
U n a b l e t o a d j u s t t o k e n p r i v i l e g e s
U n a b l e t o a d j u s t t o k e n p r i v i l e
g e
s
java.lang.SecurityException: Unable to assert all required
priviledges
at weblogic.security.ntrealm.NTDelegate.initFields(Native Method)
at weblogic.security.ntrealm.NTDelegate.loadlib(NTDelegate.java:218)
at weblogic.security.ntrealm.NTDelegate.<init>(NTDelegate.java:84)
at weblogic.security.ntrealm.NTRealm.<init>(NTRealm.java:42)
at java.lang.Class.newInstance0(Native Method)
at java.lang.Class.newInstance(Class.java:237)
at weblogic.security.acl.Realm.getRealm(Realm.java:84)
at weblogic.security.acl.Realm.getRealm(Realm.java:62)
at
weblogic.security.SecurityService.initializeRealm(SecurityService.jav
a:265)
at
weblogic.security.SecurityService.initialize(SecurityService.java:123
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:343)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
<Jun 19, 2001 1:58:10 PM EDT> <Emergency> <Server> <Unable to initialize the
ser
ver: 'Fatal initialization exception
Throwable: java.lang.IllegalAccessError: java.lang.SecurityException: Unable
to
assert all required priviledges -- bad domain name
java.lang.IllegalAccessError: java.lang.SecurityException: Unable to assert
all
required priviledges -- bad domain name

Unable to use a custom security realm with Netscape Directory Server in WebLogic 7

Similar Messages

Maybe you are looking for