WLI-8.1 Problem using external LDAP authenticaion provider

Similar Messages

• Authentication in weblogic portal server 8.1 sp2 using external LDAP

  Hi,
  I am trying to use external LDAP for authentication.
  I have configured the ActiveDirectoryAuthenticator giving the necessary
  values
  ( and added
  "-Dcom.bea.p13n.usermgmt.AuthenticationProviderName=ActiveDirectoryAuthentic
  ator" in startWeblgoic.cmd )
  and can see the users and the groups from my LDAP provider in the admin
  console and in the admin portal's "users and groups".
  A set of users are given permission to access the restricted site and those
  users are visible in the global role with the permission.
  The web.xml is configured for BASIC auth-method, and the role is
  <externally-defined/> in weblogic.xml.
  Now when I access a restricted page, I am shown a dialog prompt to key in
  the username and password.
  Even when I key in the valid credentials, the restricted page is not shown
  and an "Unauthorized xxx" 401 access error is thrown.
  Any clue, on what i am missing.?
  Please let me know if any suggestion / idea.
  Regards,
  Arun.

  Assuming your application is a WebLogic Portal application, then yes you would definitely need to install WLP 8.1. WLP version 8.1 is the only version of WLP that will run on WLS/WLW version 8.1.
  In order to obtain the product installer, you'll need to contact Oracle Support and file a request. It is not available for download from any Oracle public site. Only version 10.3 is available for download.
  Brad

• Identity Server using external LDAP

  anyone have idea whether ID Server can use external an LDAP server for authentication, like the Policy Server in Portal Server 3 ?
  Wilson.

  You typically need to use our JNDI store. We strongly recommend this for
  performance reasons..
  You can use the JNDI To LDAP bridge which is available from the sun web
  site.
  Michael Girdley
  BEA Systems Inc
  "Jack Archer" <[email protected]> wrote in message
  news:[email protected]..
  I'm trying to find out if it is possible to re-direct JNDI calls to the WL
  server to an external LDAP server. I know you can install an external LDAP
  server for security purposes, but I would like to use an external LDAP
  server to handle all JNDI lookups (like for JNDI EJB name location, etc.).
  Is this possible?

• DISPLAYNAME when Using External LDAP

  Hi all,
  I'm using OBIEE 11g (11.1.1.6.0 onwards).
  I'm using an external LDAP (OpenLDAP, MSAD, etc). I'm looking for a way to populate the DISPLAYNAME session variable from the LDAP name attribute so that when logged in, the DISPLAYNAME is shown in OBIEE (instead of USER).
  Is this possible in OBIEE 11g? I remember it's possible in 10g.
  Any suggestion on how to achieve this? Thanks a lot!

  Login to Oracle Enterprise Manager (http://<servername>:7001/em ), navigate to WebLogic Domain > bifoundation_domain > Security > Security Provider Configuration
  then
  In the Identity Store Provider, click on Configure button. In Identity Store Configuration add 2 properties:
  Property name: user.login.attr, Value : sAMAccountName
  Property name: username.attr, Value: sAMAccountName
  Note:- sAMAccountName , this is for MSAD, you need to find out attribute for some other LDAP
  lemme know in case of issues
  please mark thread as answered and Assign point , if above soln answere's ur question.
  Regards
  Ankit
  Edited by: AnkitR Gupta on 12 Dec, 2012 1:27 AM
  Edited by: AnkitR Gupta on 12 Dec, 2012 1:32 AM

• How to configure webcenter services to use external LDAP?

  Reassociating the identity store with an external LDAP server is mandatory only if you're using the Documents service and/or the Discussions service, in which case the WC_Spaces server, Content Server, and Collaboration server must all be configured to use the same external LDAP server.
  The question is how to configure?
  Is there any document which details this?
  Please help! this is urgent.
  Regards

  Refer
  http://docs.oracle.com/cd/E28280_01/webcenter.1111/e12405/wcadm_security_id_store.htm#WCADM1845
  http://docs.oracle.com/cd/E28280_01/webcenter.1111/e12405/wcadm_security_id_store.htm#WCADM345
  Thanks

• Using external LDAP server for  WL JNDI lookups

  I'm trying to find out if it is possible to re-direct JNDI calls to the WL
  server to an external LDAP server. I know you can install an external LDAP
  server for security purposes, but I would like to use an external LDAP
  server to handle all JNDI lookups (like for JNDI EJB name location, etc.).
  Is this possible?

  You typically need to use our JNDI store. We strongly recommend this for
  performance reasons..
  You can use the JNDI To LDAP bridge which is available from the sun web
  site.
  Michael Girdley
  BEA Systems Inc
  "Jack Archer" <[email protected]> wrote in message
  news:[email protected]..
  I'm trying to find out if it is possible to re-direct JNDI calls to the WL
  server to an external LDAP server. I know you can install an external LDAP
  server for security purposes, but I would like to use an external LDAP
  server to handle all JNDI lookups (like for JNDI EJB name location, etc.).
  Is this possible?

• Problem using external jars in my java component

  Hi Guys,
  I just wanted to ask how to properly reference an external jar to a java dc. I already have an external library dc which contains my external jars and also compilation and assembly public parts,  a j2ee library which has the assembly public part of the external jars that is deployed to the server, a java dc which has the compilation public part of the external jar.
  My problem is whenever I trigger a method of the java dc in my webdynpro dc I'm having an exception. weird thing is when I put the whole method from the java dc to the webdnypro dc it functions well. So I'm thinking if the interaction between my java dc and j2ee lib dc has to do with this maybe I'm missing some configuration.
  need your insight on this one.
  Thanks,

  Hi TznHuang,
  Pleaserefer to this blog might helpful for you
  /people/raphael.vogel/blog/2008/05/05/how-to-use-external-libraries-in-the-sap-component-model-part-ii
  Also please build external DC and then sync sorurces and sync used DC from inactive DC TAB for DC where you have used
  external DC.
  Hope bit helps
  Regards
  Arun Jaiswal

• Problem with WLS LDAP Authentication Provider

  We have configured WLS LDAP Authentication provider on an Oracle Service Bus domain, which is used to authenticate WS-Security Username Token and SAML Tokens against an external LDAP Directory (Sun Directory Server). After configuring this, we see that the "Users & Groups" page on the WLS Admin console is getting populated with all the user ids available in LDAP. The organization corporate directory has thousands of user ids, and WLS is executing a generic query against LDAP to fetch all the users. This query would have a major performance impact on the LDAP Directory? Is there any way to prevent this generic query from happening? Any suggestions would help.
  Edited by: Ramakrishnan Venkataraman on Feb 1, 2011 11:46 AM

  Yes, you can apply filters on the Providers configuration, also u can select the DN from where to feth the users, you can fetch users with special attributes.
  Whole lot of things can be done, review the options under providers.
  Let me know if you have any doubts.
  HTH,
  -Faisal
  http://www.weblogic-wonders.com

• Huge problems using external iSight or DV video camera on my MPB DCD...

  Ok, so I am developing some applications that make use of a video camera for motion tracking, and I have run into a huge problem when trying to use any external video camera. I have both an external iSight in great working order (I have tested it on my tower, which is also brand new, but on 10.4 for reasons of other applications not yet supported on 10.5.1) and also a Sony DCR-TRV520 NTSC Digital Handycam. (Once again, works perfectly when plugged in to the tower.) But if I plug either of them in to my MBP, no programs recognize their existence at all, be it iChat, iMovie, or my application. Nothing shows up in system profiler either. I try reboots, I get nothing... the internal iSight constantly takes over or is my only choice in applications.
  And before you even ask, yes, my firewire port works, as I can plug my external firewire solo audio interface into it no problems, and no, I don't have any other firewire devices plugged in when trying to get the computer to recognize they are there.
  Quick response would be awesome, as I am on a timeline to finish the program development and it is very important that I get this to work, preferably the Sony.

  I just read this in their Forum mate ...
  Cycling 74 has not yet finished evaluating Mac OS 10.5, aka Leopard.
  As with any new OS, you are advised to tread cautiously if you are
  considering updating. We are interested in hearing any and all reports
  from users, and at some later date we shall publish full details of
  our compatibility. Until that time use of our software on Leopard is unsupported.
  If you wish to make reports of your experience with Leopard, please send them to support at cycling74 dot com

• Problem using external database link.

  Help:
  Here is th problem I am having. I have a workflow that reads and writes to external datasource using HS services. The workflow reads and then writes to the HS datasource in a function. After the function completes it needs to close the database link. You cannot close the database link until the commit happens, which you cannot do in a function or you get an error. This is a catch 22. Do you have any suggestions?
  Thanks

  Hi,
  You could invoke your function as an autonomous transaction, and do a commit there. Not sure if that helps you close the database link or not.
  Alternatively, you could package the data to be transferred into a message on an AQ and propagate that data across the database link to the workflow system, and process it asynchronously.
  HTH,
  Matt
  WorkflowFAQ.com - the ONLY independent resource for Oracle Workflow development
  Alpha review chapters from my book "Developing With Oracle Workflow" are available via my website http://www.workflowfaq.com
  Have you read the blog at http://thoughts.workflowfaq.com ?
  WorkflowFAQ support forum: http://forum.workflowfaq.com

• Jar File Problem Using External Packages

  I am having problems creating an Executable jar file that imports classes from my own package.
  I can create an exe jar no problem without using any external packages, but when I use an external package the jar will not execute.
  I am using WindowsXP, my package is in,
  C:/MyClasses/Database
  the class files are stored loose, not in a jar file
  I have tried altering the class-path in the manifest file, but to no joy - I may have not changed the classpath correctly!
  Please help
  Magic

  This is a mine field of "correct programming style."
  External jars, if very general, could be placed in the directory jre/lib/ext.
  In some cases you can unzip the external jars and add them to your own jar.
  The manifest.mf migth be looked into, and of course you need to communicate your patching!
  As you remarked, it might be a problem of class path usage.
  For that the jar tool documentation might explain it better than I.

• $$PORTLET_ID$$ problem using external JS file

  Hi mates, I have the following problem ..
  I have JS functions in an external file and I'm trying to use the following adaptive tag in a JSP.
  <pre>
  <pt:namespace
       pt:token="$$PORTLET_ID$$" xmlns:pt='http://www.plumtree.com/xmlschemas/ptui/'/>
  </pre>
  I have added $$PORTLET_ID$$ to all my JS functions' names, unfortunately it cannot be replaced into the JS file during runtime.
  Is there any way to do this , without using inline JavaScript?

  I am not sure about v 5.* (there is no options like this for v 5.*), but in G6 you can check special option (see      Advanced Settings screen for Web Service) that allow parse external JS files on the fly (I have never tried by myself but I saw this option in G6).

• Authentication problem by external ldap server for WLS 7.0

  Hi all,
  I have configured iPlanet directory Server to serve as authentication security
  provider for WLS 7.0.While doing so I have created a Test security realm and made
  it as default.I have also configured the other default settings for the remaining
  security providers for the realm.
  Now, while I start the WLS with the default username and password, boot-error
  comes as given below. As a matter of fact I have also created groups with relevant
  username and pwd in the ldap server as specified bu the Bea documentation.
  I have tried to remove the problem since last 4 days but all in fiasco.
  If anybody has any pointer to the problem - it will be a great help.
  The error :
  * To start WebLogic Server, use a username and *
  * password assigned to an admin-level user. For *
  * server administration, use the WebLogic Server *
  * console at http://[hostname]:[port]/console *
  D:\bea\weblogic700\samples\server\config\petstore>"D:\bea\jdk131_03\bin\java"
  -h
  otspot -Xms32m -Xmx200m -Dpet.mode= - Dweblogic.management.discover=false -Dweblo
  gic.Name=petstoreServer -Dbea.home="D:\bea" -Dweblogic.management.username=weblo
  gic -Dweblogic.management.password=weblogic -Dweblogic.ProductionModeEnabled=tru
  e -Djava.security.manager -Djava.security.policy=="D:\bea\weblogic700\server\lib
  \weblogic.policy" weblogic.Server
  Starting WebLogic Server...
  <Nov 19, 2002 10:08:04 AM IST> <Notice> <Management> <140005> <Loading configura
  tion D:\bea\weblogic700\samples\server\config\petstore\.\config.xml>
  <Nov 19, 2002 10:08:21 AM IST> <Notice> <Security> <090082> <Security initializi
  ng using realm RitTestRealm.>
  <Nov 19, 2002 10:08:22 AM IST> <Critical> <WebLogicServer> <000364> <Server fail
  ed during initialization. Exception:java.lang.SecurityException: User weblogic
  i
  s not permitted to boot the server
  java.lang.SecurityException: User weblogic is not permitted to boot the server
  at weblogic.security.service.SecurityServiceManager.doBootAuthorization(
  SecurityServiceManager.java:1076)
  at weblogic.security.service.SecurityServiceManager.initialize(SecurityS
  erviceManager.java:1116)
  at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:703)
  at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:588)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:276)
  at weblogic.Server.main(Server.java:31)
  >
  Regards,
  Ritwik

  Thanks Vijay - it has worked by creating the Administrator group in LDAP but Weblogic
  documentation also states the creation of any group in Ldap server with the boot
  username and pwd and then adding the group in the admin role of WLS7.0 - but this
  did not work.
  If there is any info regarding the same - pl. do let me know
  Regards,
  Ritwik
  "Vijay" <[email protected]> wrote:
  >
  Ritwik,
  I think WebLogic 7 requires a group called "Administrators" in the LDAP
  server
  and requires an user to be added to that group. I have this working in
  one of
  my projects. The group really doesnt need to be an LDAP administrative
  group.
  Can you provide any additional information. I might be able to help since
  I got
  this working only a coupla days back.
  Vijay
  "Ritwik Batabyal" <[email protected]> wrote:
  Hi all,
  I have configured iPlanet directory Server to serve as authentication
  security
  provider for WLS 7.0.While doing so I have created a Test security realm
  and made
  it as default.I have also configured the other default settings forthe
  remaining
  security providers for the realm.
  Now, while I start the WLS with the default username and password, boot-error
  comes as given below. As a matter of fact I have also created groups
  with relevant
  username and pwd in the ldap server as specified bu the Bea documentation.
  I have tried to remove the problem since last 4 days but all in fiasco.
  If anybody has any pointer to the problem - it will be a great help.
  The error :
  * To start WebLogic Server, use a username and *
  * password assigned to an admin-level user. For *
  * server administration, use the WebLogic Server *
  * console at http://[hostname]:[port]/console *
  D:\bea\weblogic700\samples\server\config\petstore>"D:\bea\jdk131_03\bin\java"
  -h
  otspot -Xms32m -Xmx200m -Dpet.mode= - Dweblogic.management.discover=false
  -Dweblo
  gic.Name=petstoreServer -Dbea.home="D:\bea" -Dweblogic.management.username=weblo
  gic -Dweblogic.management.password=weblogic -Dweblogic.ProductionModeEnabled=tru
  e -Djava.security.manager -Djava.security.policy=="D:\bea\weblogic700\server\lib
  \weblogic.policy" weblogic.Server
  Starting WebLogic Server...
  <Nov 19, 2002 10:08:04 AM IST> <Notice> <Management> <140005> <Loading
  configura
  tion D:\bea\weblogic700\samples\server\config\petstore\.\config.xml>
  <Nov 19, 2002 10:08:21 AM IST> <Notice> <Security> <090082> <Security
  initializi
  ng using realm RitTestRealm.>
  <Nov 19, 2002 10:08:22 AM IST> <Critical> <WebLogicServer> <000364><Server
  fail
  ed during initialization. Exception:java.lang.SecurityException: User
  weblogic
  i
  s not permitted to boot the server
  java.lang.SecurityException: User weblogic is not permitted to bootthe
  server
  at weblogic.security.service.SecurityServiceManager.doBootAuthorization(
  SecurityServiceManager.java:1076)
  at weblogic.security.service.SecurityServiceManager.initialize(SecurityS
  erviceManager.java:1116)
  at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:703)
  at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:588)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:276)
  at weblogic.Server.main(Server.java:31)
  >
  Regards,
  Ritwik

• Problem using external editor in iPhoto

  Using Adobe photoshop CS5 the returned image to Iphoto can not be edited with the Iphoto editor. When the image is exported only an elarged section is exported
  Incorrect export
  correct export after returned image from photoshop was duplicated in Iphoto

  What image format is the file?  I may be preaching to the choir but maybe some of this will be of interest to you?
  Using Photoshop or Photoshop Elements as Your Editor of Choice in iPhoto.
  1 - select Photoshop or Photoshop Elememts as your editor of choice in iPhoto's General Preference Section's under the "Edit photo:" menu.
  2 - double click on the thumbnail in iPhoto to open it in Photoshop.  When you're finished editing click on the Save button. If you immediately get the JPEG Options window make your selection (Baseline standard seems to be the most compatible jpeg format) and click on the OK button. Your done. 
  3 - however, if you get the navigation window
  that indicates that  PS wants to save it as a PS formatted file.  You'll need to either select JPEG from the menu and save (top image) or click on the desktop in the Navigation window (bottom image) and save it to the desktop for importing as a new photo.
  This method will let iPhoto know that the photo has been editied and will update the thumbnail file to reflect the edit..
  NOTE: With Photoshop Elements  the Saving File preferences should be configured as shown:
  I also suggest the Maximize PSD File Compatabilty be set to Always.  In PSE’s General preference pane set the Color Picker to Apple as shown:
  Note:  to switch between iPhoto and PS or PSE as the editor of choice Control (right)-click on the thumbnail and select either Edit in iPhoto or Edit in External Editor from the contextual menu. If you use iPhoto to edit more than PSE re-select iPhoto in the iPhoto General preference pane. Then iPhoto will be the default editor and you can use the contextual menu to select PSE for your editor when desired.
  Give this a try:  Try this:  launch iPhoto with the Option key held down and create a new, test library.  Import some photos, edit with CS5 and  and check to see if the same problem persists.
  OT

• Problem using external screen and KVM switch since OSX 10.6.4 update

  I've just returned from a trip during which I installed the OSX SL 10.6.4 update on my 13" MacBook Unibody Aluminium (late 2008).
  It's been working fine but when I came home and plugged it into my KVM setup my mac could not find the external display. I tried rebooting and reconnecting without any success. The KVM is a Aten CS62DU USB and DVI model. It works great for my PC which is connected to the second input.
  Furthermore I've connected the display using only the minidisplay->DVI adapter and a standard DVI cable. This works but not as rigid as it used to. It takes a few connects and disconnects before OSX is able to find the external screen. It seems that the timelimit for handshaking with extrenal screens have been decreased with the 10.6.4 display driver update. Perhaps this is the cause of my problem.
  Have anyone experienced something simular since the 10.6.4 update? I really need to get my mac working with my KVM again.

  I haven't experienced this specific problem with this specific hardware, but I have updated systems and had to replace KVMs on lower releases of OSX because they simply refused to work.
  Any chance a firmware update is available from the manufacturer of the switch?