I have a security realm that is the standard out-of-the-box security realm with one modification. I created an authentication provider to validate users and groups defined in a 3rd party data store. The control flag for each authentication provider (the default one and mine) is set to 'sufficient' so that there is one user account that allows me to log into the WebLogic console that is not defined in the 3rd party data store.

If I run my application and log in with the WebLogic admin userid, the security realm successfully authenticates the user (it passes the default authentication provider) and permits entry to my application. Unfortunately, this is not good for me. The application, at startup, goes to the 3rd party data store and retrieves more information about the user that just logged in. For the WebLogic admin account, it will not find the user.

Is there a way to configure WebLogic security such that a particular application can ensure authentication by a specific provider?

Another environment I need to handle is having two applications deployed, each needing to authenticate its users with two *different* data sources containing valid users and groups.

Thanks! Any help is much appreciated!