Weblogic authentication programatically

Hello Experts,
I have to authenticate the weblogic programatically ,as the client has deployed a serverlet in weblogic, and i have my web-application on the same weblogic.
my web application has a link , where it try to get a document from the archive server , thorugh the servlet . the web.xml for the server has <auth-method>BASIC</auth-method>
so from my web application when we click , now the pop-up/login/credential box is coming, I do have the credentials for this , as in the security realms the user is created.
I want to avoid this pop up and pass the credentials ,and do the authentication progrmatically.
all in my java I have a string URL="http://localhost:8080/servlet/xxxx?"
Can any1 suggest or let me know the feasible way
Edited by: Gkparis on Sep 11, 2012 2:03 AM

Hi Kalyan,
I am aware of the auth-method , my constraint is :
Client has deployed this servlet aling with auth-method -BASIC and client dont want to change any thing in the web.xml or any other configuration changes
So i am wondering , if this has to be achieved by programming way , maybe some wat like this url :
http://docs.oracle.com/cd/E11035_01/wls100/security/thin_client.html#wp1035574
still i am stuck because, i have a string strUrl="http://localhost:8080/servlet"
and the API here
weblogic.servlet.security.ServletAuthentication.runAs(mySubject, request);
needs the request object
Any pointer u can suggest !!!

Similar Messages

  • OBIEE 11g -  Weblogic Authentication Denied

    Hello All,
    I did install OBIEE 11g 11.1.1.3.3 in my personal PC which has windows XP SP3 and I did choose "Enterprise Installation" as an option.
    Before installing this I did install the Loop Back Adapter and also set the IP address in the Host file ( 10.10.10.10 Mycomputername mycompany.com).
    Installation went through very much fine no errors at all. Analytics page was opened after the installation and When I gave the weblogic Credentials it was Unable to sign in.
    When I tried to login to Weblogic Console it says "Authentication Denied".
    Checked the services Weblogic Node manager started but Oracle Process Manager(instance1) did not start (1053 the service couldn't start in a timely fashion).
    Then I tried to StartBIServices from Start-> Allprograms->Oracle Business Intelligence gave Weblogic Credentials .... 2 cmd prompts were opened and all services are started and also the anlaytics page was opened and gave the credentials again same error "Unable to sign in" and agin tried to login to weblogic the same error "Authentication Denied". This is really strange....
    I thought this is something to do with rebooting the system after installation. So I restarted the system and started the services Weblogic Node Manager and Oracle Process Manager (instance1).
    This time both of them were started.
    Again tried to start the BI services Start-> Allprograms->Oracle Business Intelligence , gave the credentials ... this time only one cmd prompt was opened and it says weblogic authentication denied and its forcefully shut down and Other cmd prompt stopped at WLS.alive...
    Here is the Detail Log from Adminserver.log:
    <Apr 18, 2011 12:34:57 AM PDT> <Critical> <WebLogicServer> <kanna> <AdminServer> <Main Thread> <<WLS Kernel>> <> <> <1303112097109> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication for user weblogic denied
    weblogic.security.SecurityInitializationException: Authentication for user weblogic denied
         at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:965)
         at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1050)
         at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:875)
         at weblogic.security.SecurityService.start(SecurityService.java:141)
         at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    Caused By: javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User weblogic javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User weblogic denied
         at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:250)
         at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
         at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
         at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
         at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
         at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
         at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
         at com.bea.common.security.internal.service.JAASLoginServiceImpl.login(JAASLoginServiceImpl.java:113)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
         at $Proxy22.login(Unknown Source)
         at weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.login(WLSJAASLoginServiceImpl.java:91)
         at com.bea.common.security.internal.service.JAASAuthenticationServiceImpl.authenticate(JAASAuthenticationServiceImpl.java:82)
         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         at java.lang.reflect.Method.invoke(Method.java:597)
         at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
         at $Proxy40.authenticate(Unknown Source)
         at weblogic.security.service.WLSJAASAuthenticationServiceWrapper.authenticate(WLSJAASAuthenticationServiceWrapper.java:40)
         at weblogic.security.service.PrincipalAuthenticator.authenticate(PrincipalAuthenticator.java:348)
         at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:929)
         at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1050)
         at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:875)
         at weblogic.security.SecurityService.start(SecurityService.java:141)
         at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    >
    ####<Apr 18, 2011 12:34:57 AM PDT> <Notice> <WebLogicServer> <kanna> <AdminServer> <Main Thread> <<WLS Kernel>> <> <> <1303112097156> <BEA-000365> <Server state changed to FAILED>
    ####<Apr 18, 2011 12:34:57 AM PDT> <Error> <WebLogicServer> <kanna> <AdminServer> <Main Thread> <<WLS Kernel>> <> <> <1303112097156> <BEA-000383> <A critical service failed. The server will shut itself down>
    ####<Apr 18, 2011 12:34:57 AM PDT> <Notice> <WebLogicServer> <kanna> <AdminServer> <Main Thread> <<WLS Kernel>> <> <> <1303112097156> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
    ####<Apr 18, 2011 12:34:57 AM PDT> <Info> <WebLogicServer> <kanna> <AdminServer> <Main Thread> <<WLS Kernel>> <> <> <1303112097172> <BEA-000236> <Stopping execute threads.>
    Checked the Opmnctl Status through cmd prmpt:
    coreapplication-obiccs1 - Alive
    coreapplication-obisch1 - Alive
    coreapplication-obijh1 - Alive
    coreapplication-obips1 - Alive
    coreapplication-obis1 - Alive
    I dont know if the weblogic user or password got corrupted ............???
    So I tried to reset the password by adding the Boot.properties file in the following path:
    C:\OBIEE11gfmw\user_projects\domains\bifoundation_domain\servers\AdminServer\security
    giving username=weblogic
    password =password123 in the file but no use still the same error.
    Did anybody got the same error ?
    Please help me.....
    Thanks in Advance...
    Regards
    Kanna
    Edited by: Kanna on Apr 18, 2011 1:14 AM
    Edited by: Kanna on Apr 18, 2011 10:45 AM

    Yes, but my username and password was simple and straight its weblogic/password123...
    Do you guys know how to reset the weblogic Admin password ?
    I want to try to debug this error first...... If I couldn't get any help anyhow I am going to Deinstall...
    but this shouldn't be the case evrytime.... because we are facing the same problem in our company ...Where we installed 11g in one of our DEV environments...
    There should be a some solution for this problem...
    Is there anything that I am doing wrong?
    Do I need to provide more information from Logs to understand the problem?
    Thanks
    Kanna

  • Reorder weblogic authentication providers

    I have a properties file containing a list of weblogic authentication providers in a certain order.
    example properties file :
        ### realm components ###
        AuthenticationProvider=DefaultAuthenticator,DefaultIdentityAsserter,IPlanetAuthenticator,WaliSAMLAuthenticator,UmoeAuthenticator,MooseAuthenticator
    and a wlst jython script who uses this properties file as an argument to create and reorders the authentication providers in the security realm.
    wlst code to create AuthenticationProviders :
         #                                      realm config                                    #
         for a in AuthenticationProvider:
             print 'Config AuthenticationProvider ' + a
             if a == "IDMx509IdentityAsserter":
                 print 'Creating AuthenticationProvider IDMx509IdentityAsserter'
                 createIDMx509IdentityAsserter()
             elif a == "SAMLIdentityAsserterV2":
                 print 'Creating AuthenticationProvider SAMLIdentityAsserterV2'
                 createSAMLIdentityAsserterV2()
             elif a == "IDMSamlAuthenticationProvider":
                 print 'Creating AuthenticationProvider IDMSamlAuthenticationProvider'
                 createIDMSamlAuthenticationProvider()
             elif a == "WaliSAMLAuthenticator":
                 print 'Creating AuthenticationProvider WaliSAMLAuthenticator'
                 createWaliSAMLAuthenticator()
             elif a == "UAMPepRoleMapper":
                 print 'Creating AuthenticationProvider UAMPepRoleMapper'
                 providerUrl = prop.get(a + '.ProviderUrl')
                 createUAMPepRoleMapper(providerUrl)
             else:
                 print '!Problem creating AuthenticationProvider , don\'t know how to create ' + a
        setOrderAuthenticationProvider(AuthenticationProvider,domainName)
    the methode to set the order:
        def setOrderAuthenticationProvider(listAuthenticationProvider,domainname):
            try:     
                cd('/SecurityConfiguration/' + domainname + '/DefaultRealm/myrealm/')
                arrayAuthenticationProviders = get('AuthenticationProviders')
                lengt = len(arrayAuthenticationProviders)+1
                for x in xrange(1,lengt):
                    arrayAuthenticationProviders.pop(len(arrayAuthenticationProviders)-1)
            except:
               print '!Problem while trying to cleanup arrayAuthenticationProviders'
            try:
                for a in listAuthenticationProvider:
                    print 'add ' + a + ' to authenticatorArray'
                    cd('/SecurityConfiguration/' + domainname + '/DefaultRealm/myrealm/AuthenticationProviders/' + a )
                    currentAuthenticator = cmo
                    arrayAuthenticationProviders.append(currentAuthenticator)
            except:
                print '!Problem while trying to construct list of autehticators'
                dumpStackRollback()
            try:
                cd('/SecurityConfiguration/' + domainname + '/Realms/myrealm')
                set('AuthenticationProviders',arrayAuthenticationProviders)
            except:
                print '!Problem while setting order AuthenticatoionProviders'
                dumpStackRollback()
    The problem is when I call the methode i get an exception saying arrayAuthenticatorionProvider has not the correct type.
    a correct example to set the order correct is this:
        set('AuthenticationProviders',jarray.array([ObjectName('Security:Name=myrealmDefaultIdentityAsserter'), ObjectName('Security:Name=myrealmDefaultAuthenticator'), ObjectName('Security:Name=myrealmMooseAuthenticator'), ObjectName('Security:Name=myrealmIDMx509IdentityAsserter'), ObjectName('Security:Name=myrealmSAMLIdentityAsserterV2'), ObjectName('Security:Name=myrealmIDMSamlAuthenticationProvider'), ObjectName('Security:Name=myrealmWaliSAMLAuthenticator'), ObjectName('Security:Name=myrealmUmoeAuthenticator'), ObjectName('Security:Name=myrealmIPlanetAuthenticator')], ObjectName))
    Can somme one tell me how i can adopt my code to create a correct jarray with ObjectName type objects.

    Hi Nishith,
    Thanks very much for your informaiton.
    The link provided by you tells the policy migraiton from file system(System-jazn) to LDAP(OID or OVD) in Domain Policy store.
    What we need is "Upon installing a new patch update to the Domain, the weblogic Authenctication providers getting deleted. Perticularly the one which we configured for External authentication(OVD Authenticator).
    In our User interface we have one functionality for creating a External authenticaiotn provider(External authentication). it will create the Authentication provider in Weblogic as well as OVD. when we are updating our application with patch in the domain, the weblogic provider getting deleted.
    As of now we are creating that Authentication provider manully in Weblogic. My quesiton is, is there any script(wlst) or workaroud to persist or recreate the provider?
    I Hope you understand my problem.
    Thank you

  • Weblogic Authentication Pop-up issue

    Hi,
    I have a problem with one of our application.
    We have the portal application deployed on weblogic which is authenticated by OAM/OIM.
    During the authentication process(after Putting the username and password) if the user click some where in the page weblogic authentication pop up window is thrown,
    The Http header shows
    WWW-Authenticate: Basic realm="WebLogic Server"
    And user need to clear the session cookies and relogin to access the application
    Had disabled the enforce-valid-basic-auth-credentials in weblogic security configuration, but that doesnt help
    <enforce-valid-basic-auth-credentials>false</enforce-valid-basic-auth-credentials>
    Any suggestion on this

    The Pop up window appears during the login phase if the user clicks the back button or stop button or clicking some links on portal
    Thanks

  • Using SqlProvider and Weblogic authenticator in my own login page

    Hi All,
    I want to use SqlProvider of weblogic server for authentication of users. For the said purpose I have made necessary steps in weblogic server console. now i want to use it in my own login page and authenticate user based on sqlProvider and wls.
    Can u suggest me what to do? or where do I move next ?

    Add ADF Security to your application.
    - Add the groups (the ones in your WLS) to 'Enterprise roles' (use the same name).
    - Define your 'Application Roles' (the roles you want to use in your application) and add the corresponding Enterprise roles to it.
    - Set the resource grants
    That should be it.

  • Weblogic authentication denied in 10.3

    Not able to login to weblogic console. Have a weblogic server in one machine and i have to set up the same in another machine , when copied and paste in new machine it is not able to login to console , it is showing authentication denied..
    I have tried deleting all ldap files and also tried writing the uname and password in boot.config file..
    With Regards
    Mit

    Hi
    It's a bad practice to setup weblogic domains by copy and paste. You must install new setup for every machine. Weblogic maintains hostname of the machine in a number of files. In order to get your weblogic domain working, you will have to identify all the files in which hostname needs to be changed.
    Still I will recommend install a new setup on another machine.

  • OTM 6.1 installation - errors starting weblogic - authenticator error

    Installed OTM 6.1, followed the Administration guide, cannot start the weblogic server, log as follows: Has anyone seen this error before?
    ####<Jul 19, 2010 2:14:56 PM CDT> <Critical> <Security> <okmdevxx> <gc3-okmdev1001> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1279566896269> <BEA-090470> <Inconsistent security configuration, the otmrealm security realm has been configured to use security data in deployment descriptors but no DeployableAuthorizer has been configured with deployment enabled.>
    ####<Jul 19, 2010 2:14:56 PM CDT> <Critical> <WebLogicServer> <okmdevxxx> <gc3-okmdev1001> <Main Thread> <<WLS Kernel>> <> <> <1279566896280> <BEA-000362> <Server failed. Reason:
    There are 1 nested errors:
    weblogic.security.service.SecurityServiceRuntimeException: [Security:090411]Security Realm [otmrealm] improperly configured
    at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(CommonSecurityServiceManagerDelegateImpl.java:439)
    at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(CommonSecurityServiceManagerDelegateImpl.java:840)
    at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealms(CommonSecurityServiceManagerDelegateImpl.java:869)
    at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1028)
    at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:875)
    at weblogic.security.SecurityService.start(SecurityService.java:141)
    at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    Caused by: weblogic.management.utils.ErrorCollectionException: [Security:090519]The realm otmrealm is not properly configured. Follow the directions in the following errors to correctly configure the realm.
    [Security:090520]The realm otmrealm does not have an authenticator configured. To correct the problem, configure an authenticator.
    at weblogic.security.internal.RealmValidatorImpl.validate(RealmValidatorImpl.java:53)
    at weblogic.management.security.RealmImpl.validate(RealmImpl.java:53)
    at weblogic.management.security.RealmMBeanImpl.validate(RealmMBeanImpl.java:2632)
    at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(CommonSecurityServiceManagerDelegateImpl.java:435)
    ... 8 more
    >
    ####<Jul 19, 2010 2:14:56 PM CDT> <Notice> <WebLogicServer> <okmdevxxx> <gc3-okmdev1001> <Main Thread> <<WLS Kernel>> <> <> <1279566896321> <BEA-000365> <Server state changed to FAILED>
    ####<Jul 19, 2010 2:14:56 PM CDT> <Error> <WebLogicServer> <okmdevxxx> <gc3-okmdev1001> <Main Thread> <<WLS Kernel>> <> <> <1279566896322> <BEA-000383> <A critical service failed. The server will shut itself down>
    ####<Jul 19, 2010 2:14:56 PM CDT> <Notice> <WebLogicServer> <okmdevxxx> <gc3-okmdev1001> <Main Thread> <<WLS Kernel>> <> <> <1279566896325> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
    ####<Jul 19, 2010 2:14:56 PM CDT> <Info> <WebLogicServer> <okmdevxxx> <gc3-okmdev1001> <Main Thread> <<WLS Kernel>> <> <> <1279566896332> <BEA-000236> <Stopping execute threads.>

    Welcome to the forums !
    This forum is meant for database installation issues. You might get a better/faster response in the Weblogic install forum - WebLogic Server - Upgrade / Install / Environment / Migration
    HTH
    Srini

  • Weblogic Authentication problems

    I successfully configured security on weblogic but when ever I try to login weblogic authenticate the user and redirect on the welcome page but with an exception like
    <JpsIdentityManagementProvider> <getIdmUserList> WARN_NO_USERS_PATTERN
    oracle.security.idm.ObjectNotFoundException: No User found matching the criteria
    at oracle.security.idm.providers.stdldap.util.DirectSearchResponse.initSearch(DirectSearchResponse.java:174)
    at oracle.security.idm.providers.stdldap.util.NonPagedSearchResponse.<init>(NonPagedSearchResponse.java:52)
    at oracle.security.idm.providers.stdldap.util.NonPagedSearchResponse.<init>(NonPagedSearchResponse.java:43)
    at oracle.security.idm.providers.stdldap.util.LDAPRealm.searchUsers(LDAPRealm.java:489)
    at oracle.security.idm.providers.stdldap.LDIdentityStore.search(LDIdentityStore.java:274)
    at oracle.security.idm.providers.stdldap.LDIdentityStore.searchUsers(LDIdentityStore.java:367)
    at oracle.adf.share.security.providers.jps.JpsIdentityManagementProvider.getIdmUserList(JpsIdentityManagementProvider.java:505)
    at oracle.adf.share.security.providers.jps.JpsIdentityManagementProvider.getUserProfileList(JpsIdentityManagementProvider.java:386)
    at oracle.adf.share.security.identitymanagement.UserManager.getUserProfileList(UserManager.java:314)
    at oracle.adf.share.security.identitymanagement.UserProfile.initialize(UserProfile.java:91)
    at oracle.adf.share.security.identitymanagement.UserProfile.<init>(UserProfile.java:81)
    at oracle.adf.share.security.providers.jps.JpsSecurityContext.getUserProfile(JpsSecurityContext.java:115)
    at oracle.adf.share.ADFContext.getEnterpriseId(ADFContext.java:850)
    at oracle.adfinternal.controller.util.LogUtils.getApplicationName(LogUtils.java:392)
    at oracle.adfinternal.controller.util.LogUtils.gotApplicationName(LogUtils.java:384)
    at oracle.adfinternal.controller.util.LogUtils.getTimer(LogUtils.java:161)
    at oracle.adfinternal.controller.util.LogUtils.getTimer(LogUtils.java:209)
    at oracle.adfinternal.controller.metadata.MetadataServiceImpl.initializePageFlow(MetadataServiceImpl.java:374)
    at oracle.adfinternal.controller.metadata.MetadataServiceImpl.getPerUserCache(MetadataServiceImpl.java:355)
    at oracle.adfinternal.controller.metadata.MetadataServiceImpl.getPerUserCache(MetadataServiceImpl.java:324)
    at oracle.adfinternal.controller.metadata.MetadataServiceImpl.getAdfPageFlow(MetadataServiceImpl.java:180)
    at oracle.adfinternal.controller.metadata.MetadataServiceImpl.getPageFlow(MetadataServiceImpl.java:434)
    at oracle.adfinternal.controller.metadata.MetadataServiceImpl.getActivity(MetadataServiceImpl.java:169)
    at oracle.adfinternal.controller.state.ViewPortContextImpl.getPhysicalURI(ViewPortContextImpl.java:1097)
    at oracle.adfinternal.controller.application.AdfcPageResolver.getPhysicalURI(AdfcPageResolver.java:75)
    at oracle.adf.controller.faces.lifecycle.Utils.getPagePathFromViewId(Utils.java:44)
    at oracle.adfinternal.controller.application.model.UpdateBindingListener.setBindingELVariable(UpdateBindingListener.java:108)
    at oracle.adfinternal.controller.application.model.UpdateBindingListener.beforePhase(UpdateBindingListener.java:61)
    at oracle.adfinternal.controller.lifecycle.ADFLifecycleImpl$PagePhaseListenerWrapper.beforePhase(ADFLifecycleImpl.java:550)
    at oracle.adfinternal.controller.lifecycle.LifecycleImpl.internalDispatchBeforeEvent(LifecycleImpl.java:100)
    at oracle.adfinternal.controller.lifecycle.LifecycleImpl.dispatchBeforePagePhaseEvent(LifecycleImpl.java:147)
    at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener$PhaseInvokerImpl.dispatchBeforePagePhaseEvent(ADFPhaseListener.java:119)
    at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener.beforePhase(ADFPhaseListener.java:63)
    at oracle.adfinternal.controller.faces.lifecycle.ADFLifecyclePhaseListener.beforePhase(ADFLifecyclePhaseListener.java:44)
    at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:319)
    at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:204)
    at javax.faces.webapp.FacesServlet.service(FacesServlet.java:312)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
    at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:173)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:121)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
    at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:293)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:199)
    at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
    at java.security.AccessController.doPrivileged(Native Method)
    at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
    at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
    at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
    at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
    at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
    what is this and why this exception occur and how can i solve this problem

    In my opinion you can ignore the message (if your application works correctly). I have seen similar messages in the log of one of our applications, although the application continued working properly. I think that this message might appear only if you have used some non-LDAP authentication provider. I think that the JPS Identity Store service is trying to get the user's profile but as far as this service may work only against LDAP-based authentication providers, it is not able to find the authenticated user in its store (because the user's account is not stored in an LDAP store).
    You may have a look also at this thread: {thread:id=2161110}
    Dimitar

  • Apache and Weblogic authentication

    Apache 2.0 and WL 8.1 SP6;
    Apache redirects to a wl web app and the web app's front page is password protected using Apache's authentication services.
    Turns out, the users configured with Apache's 'htpasswd' have to be duplicated in weblogic. Curious to know why this is. There appears to be no documentation of this necessity that I could find.
    Any ideas about the configuration principles involved here?
    Thanks,
    Karoly

    Hi Scott,
    The only way it can work is when Apache adds another token to the request
    say
    MyToken : value
    U can create a Custom Identity Asserter to read that token and authenticate the user.
    U can find the steps to create custom identity asserter here
    http://weblogic-wonders.com/weblogic/2010/03/15/custom-identity-asserter-for-weblogic-server/
    HTH,
    Faisal

  • Weblogic Authentication: InitialContext Environment

    "Hi,
    I'm trying to implement authentication mechanism for
    weblogic using a custom Security realm.
    I'm getting first initialcontext without specifying
    any credentials and performing jobs required for the
    login operation (USER_A).
    In subsequent calls, i'm setting security credentials
    for getting initial context. This works fine, but from
    now onwards whenever I try to get an unauthenticated
    initialcontext, it assosicates credentials of previously
    received initialcontext.
    Hence in bean lookups being done in my weblogic server
    itself, it gives authentication failiure if credentials
    for user gets changed. i.e. While instantiating new InitialContext()
    instead of default(guest) user, credentials of (USER_A) are
    getting assosciated with it.
    1) Does weblogic sets credentials in "System Properties"/"JNDI Environemnt"
    while i'm getting initial context. Please note, i'm getting initial context
    within same JVM in which weblogic server is running.
    2) What if i explicitly set principal/credntials to guest/guest whenever i need
    unauthenticated InitialContext.
    3) What if i get an authenticated initial context from a servlet running
    on a different weblogic server. Will that assosciate credentials of USER_A
    in the other weblogic server(on which servlet is running).
    TIA,%0

    The Pop up window appears during the login phase if the user clicks the back button or stop button or clicking some links on portal
    Thanks

  • Weblogic Security Programmatic Authentication API

    Hi all,
    I am trying to use weblogic authentication API with weblogic 11g and jdeveloper 11.1.1.2.
    According to programming security document, we can use weblogic.security.SimpleCallbackHandler or weblogic.security.URLCallbackHandler class.
    But i don't see any library to import those class.
    where can i download those library?
    With Regards,
    Wai Phyo

    Where can i get this Jar(com.bea.core.weblogic.security_2.0.1.0.jar). I have installed Weblogic10.3 on jdk1.6 and it has com.bea.core.weblogic.security_1.0.0.0_6-0-3-0.jar which does not have the weblogic.security.spi.AuthenticationProviderV2.
    Any help on this will be really appreciated.
    Thanks.
    Ajay

  • How to disable authentication for weblogic server

    Hi expert,
    I have a web application deployed on weblogic server 12c. And I have a client which connects to the web application.  The client will authenticate with server with digest authentication (challenge\response). We use the default authentication in weblogic server and the authentication is done by weblogic server. And it works fine.
    However, I want to run a performance testing to replay all client requests including the requests for authentication. Since it's challenge/response authentication mechanism, the original requests can not pass authentication and weblogic server replies 401. I want to know is there any way to disable weblogic authentication so that the authentication passes when I replay my original request?
    Thanks very much!
    Regards,
    Yan

    You can disable the security of the application in the web.xml. Here there is a security-constraint configured that tells WebLogic what to do, for example,
    <security-constraint>
    <web-resource-collection>
    <web-resource-name>All</web-resource-name>
    <url-pattern>/faces/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
    <role-name>MANAGER</role-name>
    <role-name>EMPLOYEE</role-name>
    </auth-constraint>
    <user-data-constraint>
    <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
    </security-constraint>
    If you put the security-constraint in comments, you can access the application, without authentication (note that the application itself probably uses the authentication in order to set certain things, so I do not if this is going to work).

  • Weblogic 81 sp6 and siteminder authentication

    I am running into a puzzling issue after upgrding to weblogic8.1 sp6. I am not sure if any experienced this and how to remedy the problem.
    1- background : I had weblogic8.1 sp5 installed and I had a deployed web application on a managed server. There is a siteminder protection for the anything under the context root of this web application. The siteminder plugin is installed on Iplanet( SUN WEB Server 6.1sp3). When a user tries to access this webapplication though the webserver. Siteminder interrupt the request and authenticate the user. if the user is authorized to access the application, siteminder will change the headers and add other header variables and redirect it again to the application. All was working fine and no changes were needed.
    Once I upgraded to weblogic 8.1 sp6. User gets authenticated by sinteminder but the weblogic server tries to authenticate the user again using its own form. If siteminder is disabled, then the user can access the application fine without weblogic authentication. There are no configuration changes at all in this upgrade. I only reference the new JDK and new weblogic 8.1sp6 files to restart the servers.
    If you have any idea, please reply to this post.
    thank you.

    after opening a support ticket, it's been resolved for me.
    Patch CR287255 has been created and allow you to add a new parameter in the config.xml of your domain: EnforceValidBasicAuthCredentials = "False".
    Hope this helps.

  • Authenticating test applcation in OAM is not working

    Hello OAM experts, can you please help to figure out why my test application is not getting authenticated by OAM.
    I have installed IDM for fusion application and SSO login is working for all admin consoles such as WLS, EM, OAM, OIM. I have deployed test application to OAM server itself to test the authentication of protected resources.
    Host identifier is already there which was create while configuring my IDM for fusion applications. I created new application domain , created resource for /text/*, created authentication policy and used LDAPScheme for authentication, created authorization policy and defined constraints by adding a group OAMAdministrators ( just for testing purpose). I also added response in the authentication policy.
    Then I have configured admin.conf of OHS server to redirect http://webhost1:7777/test to oam server host and port. It is getting redicted but not to the SSO login page. The URL still shows http://webhost1:7777/test and executes the test page and displays test application. It should have been redirected to SSO login page though OAM.
    At this stage I have no clue what did I miss. As I said, when I login to wls console, it gets redicted to SSO login through OAM login page and then while accessing OIM, it directly takes me to OIM application since the user has privileges and also OAM page without logging in again.
    But why my test application is not redirected to OAM authentication page ?
    Any help is grately appreciated.
    thanks
    Edited by: Jyothi on May 3, 2012 3:25 AM

    Hi, I am having the same issue. I am new to all this OAM stuff. I am using OAM 11g with a 11g Webgate configured. When I try to access the OAM Console the SSO setup does work and kicks-in and redirects me to the OAM server's integrated login page. But my test application that lives on an app server installed on a separate machine is never challenged for their credentials. As the documentation says I have CLIENT-CERT defined as the auth-method in my login-config inside my applications web.xml file.
    I think I am not using the right providers. What I want is Identity Assertion and also OAM authentication (if Identity Assertion fails Authentication should kick-in and redirect to challenge login page). So I have an OAMIdentityAsserter and an OAMAUthenticator set-up in addition to the Default Weblogic Identity Asserter and Default Weblogic Authenticator.
    I have tried everything but, the login redirect never happens. If I use the DefaultAuthenticator along with OAMAuthenticator (no OAMIdentityAsserter) and define BASIC in my login-config in web.xml then the Default Weblogic Authenticator pops up a dialog box which does let me enter credentials and when I do it does make the trip to the OAM server and works flawlessly. But I don't want basic authentication and I don't want a dialogue box to pop-up. I want the OAM server to redirect me to it's built-in login page just like it does for the OAMConsole itself which is being protected by the out of the box 10g IAMSuiteAgent Webgate. Which, as you know, comes pre-installed.
    Please let me know your configuration and the providers you have set up and how you were able to make the OAM server challenge you for credentials when trying to access a protected resource/application.
    Thank You.

  • How to get user attributes from LDAP authenticator

    I am using an LDAP authenticator and identity asserter to get user / group information.
    I would like to access LDAP attributes for the user in my ADF Taskflow (Deployed into webcenter spaces).
    Is there an available api to get all the user attributes through the established weblogic authenticator provider or do i have to directly connect to the LDAP server again?
    Any help would be appreciated

    Hi Julián,
    in fact, I've never worked with BSP iViews and so I don't know if there is a direct way to achieve what you want. Maybe you should ask within BSP forum...
    A possibility would be to create a proxy iView around the BSP iView (in fact: before the BSP AppIntegrator component) which reads the user names and passes this as application params to the BSP component. But this is
    Beginner
    Medium
    Advanced
    Also see http://help.sap.com/saphelp_nw04/helpdata/en/16/1e0541a407f06fe10000000a1550b0/frameset.htm
    Hope it helps
    Detlev

Maybe you are looking for

  • Error installing MaxDB 7.6.03.09 on windows 32 bit on NW70 SR2 sapinst

    MaxDB experts, Hello.  I am trying to install SAP NW70SR2 (JAVA AS) on MaxDB 7.6.03.09 with windows 32 bit OS.  Brand new install, JAVA AS central system. Our problem is in the SAPINST phase: Install database server software I see this in the sapinst

  • CS5.5 Premiere Pro & After Effects launch in one user profile but not the other

    I’m having two issues. One with AE getting hung up on loading the MediaCore and the other with Premiere Loading the ExpoerterQuickTime.bundle I’ve looked and looked for solutions and haven’t found any with my problem. I’m running a Mid-2010 MBP 8GB R

  • RTF format emails not consistent on recipient end

    I send out stock order confirmation emails to lots of customers. I frequently get replies back, with the content of my email looking very inconsistent. I have done some testing, by making an rtf email, and sending it to a number of friends, and then

  • ICC Profiles for Lightroom 5

      Have Lightroom 5 and a B210e printer and a B8600 printer.  I am unable to locate any profiles for these devices or instructions for Lightroom 5.  Any assistance would be appreciated.  Thanks. 

  • LT01 - Is it possible to modifiy the posting date?

    I would like to transfer some quantity of a material from one storage bin to another storage bin. Is it possible to set the posting date? Form LT01 transaction is not possible to set the posting date. System takes the actual day. Thanks in advance.