Problem getting default realm - Weblogic

This is a discussion on Problem getting default realm - Weblogic ; I am trying to use Security.runAs(). I successfully log in using a LoginContext, and have verified that my user is a member of the Administrator group. I try to run the following code as this user: public Object run() { ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: Problem getting default realm

  1. Problem getting default realm


    I am trying to use Security.runAs(). I successfully log in using a LoginContext,
    and have verified that my user is a member of the Administrator group. I try
    to run the following code as this user:

    public Object run()
    {
    MBeanHome adminHome = (MBeanHome)Helper.getAdminMBeanHome("weblogic",
    "weblogic", "t3://localhost:7001");

    AuthenticationProviderMBean[] providers;
    try
    {
    DomainMBean domain = adminHome.getActiveDomain();
    SecurityConfigurationMBean security = domain.getSecurityConfiguration();
    RealmMBean realm = security.findDefaultRealm();


    The last line errors out with the following message:
    java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblo
    gic, Administrators, IntegrationAdministrators]


    Does anyone know what permission I need to have in order to do this? Or am I
    just doing something completely wrong? This code runs inside of the weblogic
    server that I'm connecting to.
    Thanks


  2. Re: Problem getting default realm


    If I instead mark the servlet this runs in to run as weblogic and remove the programmatic
    privileged action piece, then it runs fine. I'm assuming then that my Login must
    be returning a subject that is somehow different from my weblogic user? But
    I can see that it retrieves the groups that weblogic belongs to, and if I supply
    an incorrect username or password, I get an error stating that login failed.
    Any ideas?

    "jespey" wrote:
    >
    >I am trying to use Security.runAs(). I successfully log in using a LoginContext,
    >and have verified that my user is a member of the Administrator group.
    > I try
    >to run the following code as this user:
    >
    > public Object run()
    > {
    > MBeanHome adminHome = (MBeanHome)Helper.getAdminMBeanHome("weblogic",
    >"weblogic", "t3://localhost:7001");
    >
    > AuthenticationProviderMBean[] providers;
    > try
    > {
    > DomainMBean domain = adminHome.getActiveDomain();
    > SecurityConfigurationMBean security = domain.getSecurityConfiguration();
    > RealmMBean realm = security.findDefaultRealm();
    >
    >
    >The last line errors out with the following message:
    >java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblo
    >gic, Administrators, IntegrationAdministrators]
    >
    >
    >Does anyone know what permission I need to have in order to do this?
    > Or am I
    >just doing something completely wrong? This code runs inside of the
    >weblogic
    >server that I'm connecting to.
    >Thanks
    >



  3. FIXED - Re: Problem getting default realm


    Not sure if this is the optimal way to do it, but for anyone interested we finally
    got this working. Instead of using LoginContext.login, we used Authentication.login,
    and it works just fine.

    "jespey" wrote:
    >
    >If I instead mark the servlet this runs in to run as weblogic and remove
    >the programmatic
    >privileged action piece, then it runs fine. I'm assuming then that my
    >Login must
    >be returning a subject that is somehow different from my weblogic user?
    > But
    >I can see that it retrieves the groups that weblogic belongs to, and
    >if I supply
    >an incorrect username or password, I get an error stating that login
    >failed.
    >Any ideas?
    >
    >"jespey" wrote:
    >>
    >>I am trying to use Security.runAs(). I successfully log in using a

    >LoginContext,
    >>and have verified that my user is a member of the Administrator group.
    >> I try
    >>to run the following code as this user:
    >>
    >> public Object run()
    >> {
    >> MBeanHome adminHome = (MBeanHome)Helper.getAdminMBeanHome("weblogic",
    >>"weblogic", "t3://localhost:7001");
    >>
    >> AuthenticationProviderMBean[] providers;
    >> try
    >> {
    >> DomainMBean domain = adminHome.getActiveDomain();
    >> SecurityConfigurationMBean security = domain.getSecurityConfiguration();
    >> RealmMBean realm = security.findDefaultRealm();
    >>
    >>
    >>The last line errors out with the following message:
    >>java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[weblo
    >>gic, Administrators, IntegrationAdministrators]
    >>
    >>
    >>Does anyone know what permission I need to have in order to do this?
    >> Or am I
    >>just doing something completely wrong? This code runs inside of the
    >>weblogic
    >>server that I'm connecting to.
    >>Thanks
    >>

    >



+ Reply to Thread