WebLogic integration with Active Directory

This post gives an overview of configuring Active Directory as an Authentication provider in WebLogic, covering several key settings. It assumes that you have already configured the security realm.
The WebLogic version is 12c, and the document being followed is Oracle Fusion Middleware Securing WebLogic Server, chapter 5 - Configuring Authentication Providers.
The key settings in the Authentication Provider are:
1) User DN: the container or DN of the users who will be authenticating
2) Group DN: the container or DN of the groups for the users who will be authenticating
3) Host: the list of Active Directory domain controllers. This will vary according to the current environment, whether it is a single domain or multi-domain.
Settings 1), 2) and 3) above come from the WebLogic security realm configuration of the Authentication Provider. Setting 4) below is for the application that is deployed on the WebLogic server. Once a user has been authenticated, the application refers to the weblogic.xml file to authorize that user.
4) weblogic.xml settings: the security role assignment settings in the weblogic.xml file (the application uses these settings after the successful authentication step in WebLogic server)
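
A check for setting 4), as an added example that is not part of the original post: it compares the roles declared in web.xml against the `security-role-assignment` entries in weblogic.xml and reports roles with no assignment, plus roles assigned to the WebLogic built-in groups `users` or `everyone`. The role names, the group name `APP_ADMINS` and both descriptors are constructed sample data.

```python
import xml.etree.ElementTree as ET

# Constructed sample descriptors; role and group names are made up for illustration.
WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee">
  <security-role><role-name>AppUser</role-name></security-role>
  <security-role><role-name>AppAdmin</role-name></security-role>
  <security-role><role-name>Auditor</role-name></security-role>
</web-app>"""

WEBLOGIC_XML = """<weblogic-web-app xmlns="http://xmlns.oracle.com/weblogic/weblogic-web-app">
  <security-role-assignment>
    <role-name>AppUser</role-name>
    <principal-name>users</principal-name>
  </security-role-assignment>
  <security-role-assignment>
    <role-name>AppAdmin</role-name>
    <principal-name>APP_ADMINS</principal-name>
  </security-role-assignment>
</weblogic-web-app>"""

# WebLogic built-in groups: every authenticated user / everyone including anonymous.
BROAD = {"users", "everyone"}

def find(el, name):
    """Return descendants with the given local tag name, ignoring XML namespaces."""
    return [c for c in el.iter() if c.tag.rsplit("}", 1)[-1] == name]

def check_role_mappings(web_xml, weblogic_xml):
    """List roles that lack an assignment or are assigned to an over-broad group."""
    declared = {r.text.strip()
                for sr in find(ET.fromstring(web_xml), "security-role")
                for r in find(sr, "role-name")}
    mapped = {}
    for a in find(ET.fromstring(weblogic_xml), "security-role-assignment"):
        role = find(a, "role-name")[0].text.strip()
        mapped[role] = [p.text.strip() for p in find(a, "principal-name")]
    findings = [f"unmapped role: {r}" for r in sorted(declared - mapped.keys())]
    for role, principals in sorted(mapped.items()):
        findings += [f"broad principal '{p}' on role {role}"
                     for p in principals if p in BROAD]
    return findings

if __name__ == "__main__":
    for line in check_role_mappings(WEB_XML, WEBLOGIC_XML):
        print(line)
```
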






For an overview of the Identity Asserter function, refer to this blog.
References which were helpful
https://community.oracle.com/message/15105850#15105850
https://oracle-base.com/articles/11g/oracle-weblogic-server-configure-active-directory-authentication
http://biemond.blogspot.com/2009/09/sso-with-weblogic-1031-and-saml2.html
https://community.oracle.com/message/13050040#13050040
https://community.oracle.com/message/14229880#14229880 (correct answer)
https://docs.oracle.com/cd/E24329_01/web.1211/e21049/weblogic_xml.htm#WBAPP571 (WebLogic.xml Deployment Descriptors)
https://blogs.oracle.com/ardaeralp/configure-oracle-identity-manager-adldap-authentication (WebLogic settings)
