This is a discussion on Re: Can this be done using WLS 8.1 LDAP? - Weblogic ; "Rick Maddy" wrote in message news:email@example.com... > > I am trying to configure WLS 8.1 to use LDAP for authentication/authorization. > I have the basics working so now I am trying to move to the next hurdle. > > We ...
wrote in message
> I am trying to configure WLS 8.1 to use LDAP for
> I have the basics working so now I am trying to move to the next hurdle.
> We are building a single webapp that will serve several different
> main difference will be that the look and feel will be branded for each
> so when a user logs in to the app via a URL such as foo.domain.com they
> "foo" branding and using bar.domain.com will see the "bar" branding.
> far. The real problem is that we will be adding new companies over time
> need to allow two users from two different companies to have the same
> How can I setup LDAP in WLS 8.1 so I can use a different "User Base DN"
> on the company the user appears to be coming from? I need this for both
> and authorization.
It sounds like you need multiple realm support in additional to virtual host
currently only supports one realm activate at a time.
> - Maybe a custom LDAP realm? Where to begin?
You might be able to do this with a custom provider, but I am not sure if
get at the original URL in the login module.
> - How about the "User From Name Filter" field in the console? It seems to
> a %u variable for the username. Are there any other variables I can use?
You can use %u for username, %g for group, but I don't think they are going
> - Do I create a different authenticator for each company? If so, how do I
> one authenticator saying username/password is valid and other says it
> how do I use the correct authorizer for that user?
You can use the control flags to specify the behavior of the login modules.
your usernames are scoped, then it could succeed in one provider when you
want it to go to the other provider.