- 浏览: 198691 次
- 性别:
- 来自: 北京
文章分类
- 全部博客 (138)
- Linux - Adiministration (4)
- Linux - Shell (3)
- Linux - Programming (10)
- Linux - Miscellaneous (57)
- Theory - Data Structure & Algorithm (2)
- Theory - Fundamentals of Compiling (0)
- Theory - Operating System (0)
- Theory - Database (0)
- Theory - Miscellaneous (0)
- Oracle (16)
- J2SE&J2EE (32)
- 杂项 (8)
- UCM (1)
- English (1)
- 我的超级菜谱 (1)
- Case - J2EE Tutorial (0)
- Case - J2EE架构师之优秀枪手 (10)
- Apache项目学习 (0)
最新评论
-
yaolixing01:
他山界面开发框架 v22是一套基于Gecko v22 的开源收 ...
Firefox Plugin - Gecko SDK/npapi -
chenpeilei2003:
您是这篇博文的原创吗 , 我通篇看完了, 很受教。
学习的目 ...
如何系统地学习linux? -
inprice:
羊蝎子 -
inprice:
...
羊蝎子 -
RobertLeeJesus:
因为我有两台T61
我安装Solaris的全过程。
Oracle WebLogic Server provides a plugable security architecture in which authentication providers handle user identification. One of the native authentication providers in WebLogic server is for a generic LDAP server. Oracle Internet Directory (OID) is a LDAP v3 compliant server and can be configured with WLS for authentication.
Configuring WLS
Launch the WLS Console as the administrator
In the WLS console, click the Security Realm in the Domain Structure area. In the opened page, click the default realm, myrealm, to open the realm configuration page. Click the Providers tab to access the authentication provider dialog.
On the authentication provider page, click the New button to create a new provider.
Type OID as a name to identify the instance or choose a name of your choice. Choose LDAPAuthenticator as the authentication provider type and press OK.
Select the new authentication provider instance to navigate to the configuration page.
Keep the default settings for now. It is important not to change the Control Flag until you have verified that the OID configuration is valid. If the OID provider should be the only authentication provider, make sure the weblogic server user account and its granted groups memberships are created in OID. Otherwise the WLS domain wouldn’t start up properly. Select the Provider Specific tab.
Edit the following properties in the Provider Specific configuration:
Propagate Cause for Login Exception | Check | Propagates exceptions thrown by OID, like password expired exceptions, to WLS so they show in the console and the logs | |
Principal | cn=orcladmin | An administrator account to connect to OID | |
Host | <the OID hostname> | ||
Use Retrieved User Name as Principal | Check | Specifies whether or not the user name retrieved from the LDAP server should be used as the Principal in the Subject | |
Credential | orcladmin password | Password to authenticate the OID admin account | |
Confirm Credential | orcladmin password | ||
Group Base DN | <oid group search base> | The value of the “Group Search Base” attribute in OID. The value looks like cn=Groups,dc=us,dc=oracle,dc=com and can be looked up in the ODM hierarchy | |
User Base DN | <oid user search base> | The value of the “Group Search Base” attribute in OID. The value looks like cn=users, dc=us,dc=oracle,dc=com and can be looked up in the ODM hierarchy | |
Port | 389 | The OID port, 389 by default |
Press Save when finished. You need to restart the WebLogic server instance for the changes to take effect. Note that authentication providers in a WLS domain are chained. This means that user authentication needs to run successfully through all authentication providers. This is why I suggested to keep the “optional” flag set for the new provider. Authentication providers that are optional are allowed to fail without the server startup or user authentication to fail.
Once the server is up again, connect to the WebLogic server. In the WLS console, click the Security Realm in the Domain Structure area. In the opened page, click the default myrealm, myrealm, to open the realm configuration page. Click the Providers tab to access the authentication provider dialog. Select the Users and Groups tab to see a list of users and groups contained in the configured authentication providers. You should see usernames from the OID configuration, which implicitly verifies that the configuration is working.
If the OID instance is configured successfully, you can change the Control Flag. If the OID authentication is sufficient for an application to identify the user, then choose the Sufficient flag. Sufficient means that if a user can be authenticated against OID, no further authentication is processed. Required means that the authentication provider must succeed even if another provider already authenticated the user.
发表评论
-
Converter between XML and Java Bean
2009-08-14 22:10 813Not done. -
一直在linux下运行服务器,今天尝试了一下windows下的websphere,也很不错
2009-06-26 20:45 11561. 默认的websphere试用版安装作为一个windows ... -
J2EE Security
2009-06-25 13:56 756J2EE Security -
Jave VM memory Arg/Java 虚拟机内存参数
2009-05-22 16:05 3252http://winywan.com/index.php ... -
Weblogic/ADF/Fussion Middleware
2009-05-22 00:35 921http://download.oracle.com/docs ... -
BufferredOutputStream
2009-05-16 20:08 844BufferredOutputStream is not im ... -
oid/oim/ldap/jndi API
2009-04-28 22:45 1913Reference http://download. ... -
EAR/WAR/JAR(EJB) structure
2009-04-16 01:38 771http://www.oracle.com/technolog ... -
Oracle Appserver remote deployment
2009-04-03 11:02 799java -jar admin_client.jar depl ... -
浏览器Plugin总结(ActiveX vs. Gecko SDK)
2009-03-12 22:22 2684Java Applet Java Applet run ... -
Firefox Plugin - Gecko SDK/npapi
2009-03-12 21:40 12972原文: 1. http://mqjing.blogspot ... -
javascript与applet之间相互通讯
2009-03-11 21:08 1957javascript与applet之间能够相互通讯给我们带来了 ... -
Oracle Appserver - Common Logging - Log4j
2009-02-24 11:42 1287In Oracle Appserver, when an EA ... -
Common Logging
2009-02-24 00:27 9161. Specify the log implementati ... -
Log4j
2009-02-24 00:16 8891. Default property file. CLA ... -
JDK 1.4 Logging
2009-02-23 23:26 10981. Default property file. By ... -
Java Knowledge - Miscelaneous
2009-02-22 00:16 601See attachment! -
ant 和 java的关系
2009-02-10 18:19 10551. ant中的javac使用哪个jdk的bootstrap ... -
How to use the Junit in JDeveloper
2008-10-28 18:05 821See Attachment. -
How to develop extension in JDeveloper?
2008-10-28 18:02 719See Attachment.
相关推荐
How to Configure User Status in mySAP SRM.pdf
how to configure kernelhow to configure kernel
This article introduces how to configure ODBC DSN in Client to access remote DB2 for windows in detail. Then I give a sample how to access remote DB2 database with ODBC by DB Query Analyzer ...
How to Configure NLB MP in mix and native mode
This article introduces how to configure ODBC DSN in Server to access local DB2 for windows in detail. Then I give a sample how to access local DB2 database with ODBC by DB Query Analyzer expediently.
How to configure OneFS to allow NFS mounts from unprivileged ports
How to configure an Anybus PROFIBUS Slave module with a Siemens Step7 PLC Below you find an overview of the system configuration that is escribed in this document. In this case the Anybus Slave ...
HOWTO Configure DCOM Timeouts如何配置DCOM的超时设定(13KB)
How to Configure the Universal Worklist (NW2004)[1].pdf
How to Configure Odoo 13 on Pycharm Ubuntu 18 ubuntu18下安装ODOO13 pycharm配置ODOO13开发环境
在Ubuntu18.04中安装NFS服务器以及配置NFS 客户端,详细安装步骤过程,简单实用,一学就会
Configure AAA authentication for console login to use the default AAA authentication method. Step 6. Verify the AAA authentication method. Verify the user EXEC login using the AAA TACACS+ server. ...
3.6.1.2 Packet Tracer - Configure AAA Authentication on Cisco Routers.pka
HowTo_Configure_IE
KBA_180523214236_2__PMIC__PMI632_How_to_configure_.pdf
在本实验任务中,你将使用Packet Tracer模拟环境来在Cisco路由器上实现AAA(Authentication, Authorization, and Accounting)认证。AAA是一种网络安全框架,它为网络设备提供了集中、安全的用户访问控制机制。 ...
官方操作手册,该手册内包含操作截图,完整的指导用户如何使用SAP ABAP系统。内含SSL证书部署的步骤
describes how to compile a linux kernel and how to configure the kernel in the booting process
是一个利用ARM配置FPGA的方法,包括从串模式,和从并模式
Next, the reader will learn the steps that must be taken to configure their servers and workstations to make the compatible with WSUS. A special section then follows to help readers migrate from ...