Custom Authenticator not returning correctly - Weblogic

This is a discussion on Custom Authenticator not returning correctly - Weblogic ; Hi, I have written a custom authenticator to automatically migrate users from an oracle SSO database into the default WLS8.1 realm (and ultimately to an LDAP Realm). It all works fine, except that the over all login process fails. The ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Custom Authenticator not returning correctly

  1. Custom Authenticator not returning correctly


    Hi,

    I have written a custom authenticator to automatically migrate users from an oracle
    SSO database into the default WLS8.1 realm (and ultimately to an LDAP Realm).
    It all works fine, except that the over all login process fails.

    The server is set up to use the default Authenticator initially (set to SUFFICIENT),
    then, if this fails, the Migration authenticator (set to REQUIRED) is called.
    If this finds the user on the Oracle db, it creates a user for them in the default
    realm, and logs them in.

    The problem is that even though my Migration Authenticator finishes successfully
    (ie the commit() method is executed and returns true) WLS still calls the login
    error page as set up in the web.xml file.

    The last few lines of the login() method of the authenticator are :

    loginSucceeded = true;
    addUserToWLSRealm(userId, userPassword);
    principalsForSubject.add(new WLSUserImpl(userId));

    then the commit() method is :

    public boolean commit() throws LoginException {
    if(loginSucceeded) {
    subject.getPrincipals().addAll(principalsForSubjec t);
    principalsInSubject = true;
    System.out.println("OracleSSOLoginModule.commit - true");
    return true;
    } else {
    System.out.println("OracleSSOLoginModule.commit - false");
    return false;
    }
    }

    If the user then tries to log in again, since they have been added to the WLS
    realm, they are let in, but it should happen on the first attempt.

    Any Ideas...?


    TIA


    Paul


  2. Re: Custom Authenticator not returning correctly


    "Paul Davies" wrote in message
    news:3f4f37b3$1@newsgroups.bea.com...
    >
    > Hi,
    >
    > I have written a custom authenticator to automatically migrate users from

    an oracle
    > SSO database into the default WLS8.1 realm (and ultimately to an LDAP

    Realm).
    > It all works fine, except that the over all login process fails.
    >
    > The server is set up to use the default Authenticator initially (set to

    SUFFICIENT),
    > then, if this fails, the Migration authenticator (set to REQUIRED) is

    called.
    > If this finds the user on the Oracle db, it creates a user for them in the

    default
    > realm, and logs them in.
    >
    > The problem is that even though my Migration Authenticator finishes

    successfully
    > (ie the commit() method is executed and returns true) WLS still calls the

    login
    > error page as set up in the web.xml file.
    >


    Turn on security debugging and see if you are getting a login exception
    in the debug output - set the DebugSecurityAtn attribute in the ServerDebug
    mbean.




+ Reply to Thread