Active Directory as security for applications - Weblogic

This is a discussion on Active Directory as security for applications - Weblogic ; How do I try my web application into using the active directory authentication provider. I have setup the provider and I am able to see the users and groups from the active directory but I dont know how to have ...

+ Reply to Thread
Results 1 to 6 of 6

Thread: Active Directory as security for applications

  1. Active Directory as security for applications

    How do I try my web application into using the active directory authentication provider. I have setup the provider and I am able to see the users and groups from the active directory but I dont know how to have my application access the provider correctly to authenticate the user against the AD.

    Here is what I have in my web.xml



    Tools
    /Tool/list.do


    tls_admin




    FORM
    LDAP

    /login.jsp
    /login-error.jsp



    This role has access to change and Info
    tls_admin


  2. Re: Active Directory as security for applications

    I'm sure there's little details to get right, but once you set up the ActiveDirectoryAuthenticationProvider in your domain, applications in that domain which use container-managed security will automatically use that provider.

    Check the authentication provider example in CodeShare.

  3. Re: Active Directory as security for applications

    I am still having problems with this. Do I need to only have the one authentication provider or do I need a default one as well. Also what type of setting do I give it. I have it a sufficent but when I try to make it required I get an error when I start up the server. Do I need to have the username I start weblogic with be on the active directory?

  4. Re: Active Directory as security for applications

    You probably want the default, and you probably want it as "Sufficient". It's helpful to understand what this means.

    The "Default" authenticator uses the internal WebLogic LDAP, where your "weblogic" user is defined.

    If you set your AD Authenticator as "Required", then you'd have to add the "weblogic" user to your AD (I assume the Default Authenticator is set to "Sufficient"). If you set it as "Sufficient", then the authentication process will not require that Authenticator to succeed, so you wouldn't have to put the weblogic user in your AD.

  5. Re: Active Directory as security for applications

    What do I set the active directory flag to? Is it also set at SUFFICIENT

  6. Re: Active Directory as security for applications

    Yes, set it to "Sufficient". Reread the last paragraph of my previous response.

+ Reply to Thread