• No results found

Security in Oracle WebLogic _ Realm, Security Provider, Authentication, Authorization, Users - Online Identity & Access Management

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Security in Oracle WebLogic _ Realm, Security Provider, Authentication, Authorization, Users - Online Identity & Access Management"

Copied!
12
0
0

Loading.... (view fulltext now)

Download now ( 12 Page )

Full text

(1)

 (http://www.onlineappsdba.com)

Find us: (https://www.facebook.com/k21technologies) (https://twitter.com/k21technologies) (https://www.linkedin.com/company/k21technologies)

+1-669-900-5138   |   +44-203-372-5553

SUBMIT

Free Newsletter

Get Latest Updates Your email here Subscribe

Make Training Enquiry

Name* Email ID* Phone Description

Categories

» 10gAS (Http://Www.Onlineappsdba.Com/Index.Php/Category/10gas/) » 11i (Http://Www.Onlineappsdba.Com/Index.Php/Category/11i/)

Tweet (http://twitter.com/share) 0 Share 0

Security In Oracle WebLogic : Realm, Security Provider,

Authentication, Authorization, Users

Posted by "Atul Kumar (http://www.onlineappsdba.com/index.php/author/atul/)" in "security (http://www.onlineappsdba.com/index.php/category/security/), weblogic

(http://www.onlineappsdba.com/index.php/category/weblogic/)" on 2008-11-22

(http://onlineappsdba.com/wp-content/uploads/2008/11/weblogic_sec_2.JPG)

Security Providers - are modules that provide security service to application to protect Weblogic resource. Types of security providers in WebLogic Server are

Authentication Provider, Authorization Provider, Auditing Providers, Credential Mapping Provider, Identity Assertion Provider, Principal Validation Provider, Adjudication Providers, Role Mapping Providers, Certificate Lookup and Validation Providers, Keystore Providers and Realm Adapter providers.  

Security Provider Database – contains users, groups, security roles, security policies and credentials. This database can be embedded LDAP server, properties file or physical database.

 

Embedded LDAP server- WebLogic Server uses its embedded LDAP server as security provider database to store users, groups, security roles and security policies.

Security Realm- Security Realm comprises mechanism of protecting WebLogic Resource. Each Security realm consists of security providers, users, groups, security roles and security policies. User must be defined in a security realm in order to access any weblogic resource belonging to that realm. Default realm in Weblogic is myrealm.

        You can configure multiple security realm in a domain but only one realm can be active at a time. TOP

(2)

» 1z0­108 (Http://Www.Onlineappsdba.Com/Index.Php/Category/1z0­ 108/) » 1z0­233 (Http://Www.Onlineappsdba.Com/Index.Php/Category/1z0­ 233/) » 1z0312 (Http://Www.Onlineappsdba.Com/Index.Php/Category/1z0312/) » AD (Http://Www.Onlineappsdba.Com/Index.Php/Category/Ad/) » Ad4j (Http://Www.Onlineappsdba.Com/Index.Php/Category/Ad4j/) » Adam (Http://Www.Onlineappsdba.Com/Index.Php/Category/Adam/) » Adapters (Http://Www.Onlineappsdba.Com/Index.Php/Category/Adapters/) » Adop (Http://Www.Onlineappsdba.Com/Index.Php/Category/Adop/) » Advanced (Http://Www.Onlineappsdba.Com/Index.Php/Category/Advanced/) » Aia (Http://Www.Onlineappsdba.Com/Index.Php/Category/Aia/) » Amberpoint (Http://Www.Onlineappsdba.Com/Index.Php/Category/Amberpoint/) » Apache (Http://Www.Onlineappsdba.Com/Index.Php/Category/Apache/) » Apex (Http://Www.Onlineappsdba.Com/Index.Php/Category/Apex/) » Apps (Http://Www.Onlineappsdba.Com/Index.Php/Category/Apps/) » AppsASintegration (Http://Www.Onlineappsdba.Com/Index.Php/Category/Appsasintegration/) » Autoconfig (Http://Www.Onlineappsdba.Com/Index.Php/Category/Autoconfig/) » Backup (Http://Www.Onlineappsdba.Com/Index.Php/Category/Backup/) » Bam (Http://Www.Onlineappsdba.Com/Index.Php/Category/Bam/) » Basics (Http://Www.Onlineappsdba.Com/Index.Php/Category/Basics/) » BEA (Http://Www.Onlineappsdba.Com/Index.Php/Category/Bea/) » Beginners (Http://Www.Onlineappsdba.Com/Index.Php/Category/Beginners/) » Blogroll (Http://Www.Onlineappsdba.Com/Index.Php/Category/Blogroll/) » Book Review (Http://Www.Onlineappsdba.Com/Index.Php/Category/Book­ Review/)

You can configure security realm using WebLogic Console or WLST (WebLogic Scripting Tool) or JMX (Java Management Extension) API.

. (http://onlineappsdba.com/wp-content/uploads/2008/11/weblogic_sec_4.JPG) . (http://onlineappsdba.com/wp-content/uploads/2008/11/weblogic_sec_5.JPG) .  .

(3)

» Bpel (Http://Www.Onlineappsdba.Com/Index.Php/Category/Bpel/) » Business Intelligence (Http://Www.Onlineappsdba.Com/Index.Php/Category/Business­ Intelligence/) » Calendar (Http://Www.Onlineappsdba.Com/Index.Php/Category/Calendar/) » Cdc (Http://Www.Onlineappsdba.Com/Index.Php/Category/Cdc/) » Certification (Http://Www.Onlineappsdba.Com/Index.Php/Category/Certification/) » Cloning (Http://Www.Onlineappsdba.Com/Index.Php/Category/Cloning/) » Coherence (Http://Www.Onlineappsdba.Com/Index.Php/Category/Coherence/) » Concurrent Manager (Http://Www.Onlineappsdba.Com/Index.Php/Category/Concurrent­ Manager/) » Connector Server (Http://Www.Onlineappsdba.Com/Index.Php/Category/Connector­ Server/) » Content Server (Http://Www.Onlineappsdba.Com/Index.Php/Category/Content­ Server/) » Cpu (Http://Www.Onlineappsdba.Com/Index.Php/Category/Cpu/) » Customization (Http://Www.Onlineappsdba.Com/Index.Php/Category/Customization/) » Database (Http://Www.Onlineappsdba.Com/Index.Php/Category/Database/) » Db_basics (Http://Www.Onlineappsdba.Com/Index.Php/Category/Db_basics/) » Disaster Recovery (Http://Www.Onlineappsdba.Com/Index.Php/Category/Disaster­ Recovery/) » Discoverer (Http://Www.Onlineappsdba.Com/Index.Php/Category/Discoverer/) » Ecm (Http://Www.Onlineappsdba.Com/Index.Php/Category/Ecm/) » EPM (Http://Www.Onlineappsdba.Com/Index.Php/Category/Epm/) » Esb (Http://Www.Onlineappsdba.Com/Index.Php/Category/Esb/) » Eus (Http://Www.Onlineappsdba.Com/Index.Php/Category/Eus/) » Exalogic (Http://Www.Onlineappsdba.Com/Index.Php/Category/Exalogic/) » Fmw (Http://Www.Onlineappsdba.Com/Index.Php/Category/Fmw/) All Security providers exists within context of realm, some security provider type are compulsory in a security

realm while others are optional.

(http://onlineappsdba.com/wp-content/uploads/2008/11/weblogic_sec_3.JPG)  . 

Authentication Provider - is to prove identity of user or system.

Auditing Provider -  is to provide auditing services. Audit information may be written to LDAP server, Database or simple file.

 

Principal – is identity assigned to user or group as result of authentication.  

Subject - after successful authentication, principal are signed and stored in subject for future use.

(http://onlineappsdba.com/wp-content/uploads/2008/11/weblogic_sec_11.JPG) . 

LoginModules – is part of Authentication Provider and responsible for authenticating users within security realm and for populating subject with necessary principal (user, group)

(4)

» Forms (Http://Www.Onlineappsdba.Com/Index.Php/Category/Forms/) » Fusion (Http://Www.Onlineappsdba.Com/Index.Php/Category/Fusion/) » Grc (Http://Www.Onlineappsdba.Com/Index.Php/Category/Grc/) » GRCM (Http://Www.Onlineappsdba.Com/Index.Php/Category/Grcm/) » HA (Http://Www.Onlineappsdba.Com/Index.Php/Category/Ha/) » Haley (Http://Www.Onlineappsdba.Com/Index.Php/Category/Haley/) » How To ? (Http://Www.Onlineappsdba.Com/Index.Php/Category/How­ To/) » Hyperion (Http://Www.Onlineappsdba.Com/Index.Php/Category/Hyperion/) » Identity_manager (Http://Www.Onlineappsdba.Com/Index.Php/Category/Identity_manager/) » Idm (Http://Www.Onlineappsdba.Com/Index.Php/Category/Idm/) » Im (Http://Www.Onlineappsdba.Com/Index.Php/Category/Im/) » Installation (Http://Www.Onlineappsdba.Com/Index.Php/Category/Installation/) » Integration (Http://Www.Onlineappsdba.Com/Index.Php/Category/Integration/) » InterviewQs (Http://Www.Onlineappsdba.Com/Index.Php/Category/Interviewqs/) » Jboss (Http://Www.Onlineappsdba.Com/Index.Php/Category/Jboss/) » Jdbc (Http://Www.Onlineappsdba.Com/Index.Php/Category/Jdbc/) » Jdeveloper (Http://Www.Onlineappsdba.Com/Index.Php/Category/Jdeveloper/) » Jdk (Http://Www.Onlineappsdba.Com/Index.Php/Category/Jdk/) » Jobs (Http://Www.Onlineappsdba.Com/Index.Php/Category/Jobs/) » Jrockit (Http://Www.Onlineappsdba.Com/Index.Php/Category/Jrockit/) » LAF (Http://Www.Onlineappsdba.Com/Index.Php/Category/Laf/) » Mail (Http://Www.Onlineappsdba.Com/Index.Php/Category/Mail/) » News (Http://Www.Onlineappsdba.Com/Index.Php/Category/News/) » Oaacg (Http://Www.Onlineappsdba.Com/Index.Php/Category/Oaacg/) Authentication- is process to provide credentials (username/password, Certificate..) to provide identity of

user/system. Weblogic support following type of authentication a) Username/Password- Username and password with or without SSL

b) Certificate Authentication - one way or two way SSL authentication where Server authenticate itself by showing SSL certificate and server can ask client for certificate.

c) Digest Authentication- using nonce, timestamp, username and digest 

d) Perimeter Authentication – process of authenticating identity of remote user outside of application server domain.

Authorization - is process which determines which user has access on which WebLogic Resources. WebLogic Resource- is an Object (which represents WebLogic entity) which can be protected. for ex. ear, ejb, network etc.

Security Policy – is kind of ACL(Access Control List) which determines who (user, group, role) has access to which weblogic resource. WebLogic resource is not protected till you assign security policy to it.

Weblogic Server provides SSO with following environments - Web Browser and HTTP Client (via SAML)

- Desktop client

More on Single Sign-On with Oracle WebLogic Server coming soon ..

Previous in series (http://www.onlineappsdba.com/index.php/2008/11/06/weblogic-server-jdbc-for-database-connection-step-by-step/) Next in series

(http://www.onlineappsdba.com/index.php/2009/02/01/deploy-adf-application-to-oracle-weblogic-server/)

Related Posts for Learn WebLogic with Us

Oracle WebLogic Installation Steps

(http://www.onlineappsdba.com/index.php/2008/07/22/oracle-weblogic-installation-steps/) Domain , Administration & Managed Server, Cluster in Oracle WebLogic

(http://www.onlineappsdba.com/index.php/2008/07/24/domain-administration-managed-server-cluster-in-oracle-weblogic/)

Create Domain in Oracle WebLogic

(http://www.onlineappsdba.com/index.php/2008/07/28/create-domain-in-oracle-weblogic/) Oracle WebLogic Server – Startup/Shutdown

(http://www.onlineappsdba.com/index.php/2008/08/03/oracle-weblogic-server-startupshutdown/)

Oracle WebLogic Server 10g R3 10.3 is out now

(http://www.onlineappsdba.com/index.php/2008/08/07/oracle-weblogic-server-10g-r3-103-released/)

Deploy Application on Oracle WebLogic Server

(http://www.onlineappsdba.com/index.php/2008/08/12/deploy-application-on-oracle-weblogic-server/)

Cluster Architecture : Oracle WebLogic Server

(5)

(http://www.onlineappsdba.com/index.php/2008/08/14/cluster-architecture-oracle-weblogic-» Oaam (Http://Www.Onlineappsdba.Com/Index.Php/Category/Oaam/) » Oam (Http://Www.Onlineappsdba.Com/Index.Php/Category/Oam/) » Obiee (Http://Www.Onlineappsdba.Com/Index.Php/Category/Obiee/) » Ocm (Http://Www.Onlineappsdba.Com/Index.Php/Category/Ocm/) » Ocms (Http://Www.Onlineappsdba.Com/Index.Php/Category/Ocms/) » Ocs (Http://Www.Onlineappsdba.Com/Index.Php/Category/Ocs/) » Odi (Http://Www.Onlineappsdba.Com/Index.Php/Category/Odi/) » Odq (Http://Www.Onlineappsdba.Com/Index.Php/Category/Odq/) » OEG (Http://Www.Onlineappsdba.Com/Index.Php/Category/Oeg/) » Oem (Http://Www.Onlineappsdba.Com/Index.Php/Category/Oem/) » Oes (Http://Www.Onlineappsdba.Com/Index.Php/Category/Oes/) » Ofsaa (Http://Www.Onlineappsdba.Com/Index.Php/Category/Ofsaa/) » Ohs (Http://Www.Onlineappsdba.Com/Index.Php/Category/Ohs/) » Oia (Http://Www.Onlineappsdba.Com/Index.Php/Category/Oia/) » Oid (Http://Www.Onlineappsdba.Com/Index.Php/Category/Oid/) » Oif (Http://Www.Onlineappsdba.Com/Index.Php/Category/Oif/) » OIM (Http://Www.Onlineappsdba.Com/Index.Php/Category/Oim/) » OMSS (Http://Www.Onlineappsdba.Com/Index.Php/Category/Omss/) » OPA (Http://Www.Onlineappsdba.Com/Index.Php/Category/Opa/) » OPAM (Http://Www.Onlineappsdba.Com/Index.Php/Category/Opam/) » OPMN (Http://Www.Onlineappsdba.Com/Index.Php/Category/Opmn/) » Orm (Http://Www.Onlineappsdba.Com/Index.Php/Category/Orm/) » Osb (Http://Www.Onlineappsdba.Com/Index.Php/Category/Osb/) » Osr (Http://Www.Onlineappsdba.Com/Index.Php/Category/Osr/) server/)

Start WebLogic Server on Linux on port 80, 443 <= 1024

(http://www.onlineappsdba.com/index.php/2008/09/21/start-weblogic-server-on-linux-on-port-80-443/)

JDBC (Java DataBase Connectivity ) in Oracle WebLogic – Overview

(http://www.onlineappsdba.com/index.php/2008/11/04/jdbc-java-database-connectivity-in-oracle-weblogic-overview/)

WebLogic Server JDBC for Database connection : Step by Step

(http://www.onlineappsdba.com/index.php/2008/11/06/weblogic-server-jdbc-for-database-connection-step-by-step/)

Security in Oracle WebLogic : Realm, Security Provider, Authentication, Authorization, Users Deploy ADF application to Oracle WebLogic Server

(http://www.onlineappsdba.com/index.php/2009/02/01/deploy-adf-application-to-oracle-weblogic-server/)

Node Manager in Oracle WebLogic Server

(http://www.onlineappsdba.com/index.php/2009/06/10/node-manager-in-oracle-weblogic-server/)

Configure Oracle HTTP Server infront of Oracle WebLogic Server mod_wl_ohs

(http://www.onlineappsdba.com/index.php/2009/09/23/configure-oracle-http-server-infront-of-oracle-weblogic-server-mod_wl_ohs/)

How to install weblogic server on 64 bit O.S. (Linux /Solaris) ?

(http://www.onlineappsdba.com/index.php/2009/11/23/how-to-install-weblogic-server-on-64-bit-os-linux-solaris/)

Oracle WebLogic Login Issue : Password is not correct (Password Lock Policy)

(http://www.onlineappsdba.com/index.php/2009/12/29/oracle-weblogic-login-issue-password-is-not-correct-password-lock-policy/)

Oracle WebLogic Server : Node Manager in nutshell

(http://www.onlineappsdba.com/index.php/2010/01/07/oracle-weblogic-server-node-manager-in-nutshell/)

Certification : 1Z0-108 Oracle WebLogic Server 10g System Administrator Certified Expert (http://www.onlineappsdba.com/index.php/2010/01/11/certification-1z0-108-oracle-weblogic-server-10g-system-administrator-certified-expert/)

How to integrate WebLogic with Oracle Internet Directory for Login : Authentication

(http://www.onlineappsdba.com/index.php/2010/02/04/how-to-integrate-weblogic-with-oracle-internet-directory-for-login-authentication/)

opatch, adpatch and now “smart update” (BSU) to apply weblogic patches

(http://www.onlineappsdba.com/index.php/2010/02/23/opatch-adpatch-and-now-smart-update-bsu-to-apply-weblogic-patches/)

Disater Recovery documentation for Oracle WebLogic Server 11g (Fusion Middleware) (http://www.onlineappsdba.com/index.php/2010/03/08/disater-recovery-documentation-for-oracle-weblogic-server-11g-fusion-middleware/)

Authentication Providers in #WebLogic – Oracle Access Manager Identity Assertion for Single Sign-On and OAM Authenticator

(http://www.onlineappsdba.com/index.php/2010/07/05/authentication-providers-in-weblogic-oracle-access-manager-identity-assertion-for-single-sign-on-and-oam-authenticator/)

(6)

» Others (Http://Www.Onlineappsdba.Com/Index.Php/Category/Others/) » Oud (Http://Www.Onlineappsdba.Com/Index.Php/Category/Oud/) » Ovd (Http://Www.Onlineappsdba.Com/Index.Php/Category/Ovd/) » Owsm (Http://Www.Onlineappsdba.Com/Index.Php/Category/Owsm/) » Patching (Http://Www.Onlineappsdba.Com/Index.Php/Category/Patching/) » Peoplesoft (Http://Www.Onlineappsdba.Com/Index.Php/Category/Peoplesoft/) » Performance (Http://Www.Onlineappsdba.Com/Index.Php/Category/Performance/) » Portal (Http://Www.Onlineappsdba.Com/Index.Php/Category/Portal/) » Printer (Http://Www.Onlineappsdba.Com/Index.Php/Category/Printer/) » R12 (Http://Www.Onlineappsdba.Com/Index.Php/Category/R12/) » R12 New Features (Http://Www.Onlineappsdba.Com/Index.Php/Category/R12­ New­Features/) » RAC (Http://Www.Onlineappsdba.Com/Index.Php/Category/Rac/) » Scripts (Http://Www.Onlineappsdba.Com/Index.Php/Category/Scripts/) » Security (Http://Www.Onlineappsdba.Com/Index.Php/Category/Security/) » Service Registry (Http://Www.Onlineappsdba.Com/Index.Php/Category/Service­ Registry/) » Session (Http://Www.Onlineappsdba.Com/Index.Php/Category/Session/) » Siebel (Http://Www.Onlineappsdba.Com/Index.Php/Category/Siebel/) » Soa (Http://Www.Onlineappsdba.Com/Index.Php/Category/Soa/) » Solaris (Http://Www.Onlineappsdba.Com/Index.Php/Category/Solaris/) » Ssl (Http://Www.Onlineappsdba.Com/Index.Php/Category/Ssl/) » Sso (Http://Www.Onlineappsdba.Com/Index.Php/Category/Sso/) » Timesten (Http://Www.Onlineappsdba.Com/Index.Php/Category/Timesten/) » Trainings (Http://Www.Onlineappsdba.Com/Index.Php/Category/Trainings/) » Troubleshooting

Error while starting WebLogic Server : java.lang.NumberFormatException: null

(http://www.onlineappsdba.com/index.php/2010/08/16/error-while-starting-weblogic-server-javalangnumberformatexception-null/)

#WebLogic startup prompting from username password : boot.properties

(http://www.onlineappsdba.com/index.php/2010/08/21/weblogic-startup-prompting-from-username-password-bootproperties/)

BEA-000286 : Failed to invoke startup class “JRF Startup Class” oracle.jrf.wls.JRFStartup (http://www.onlineappsdba.com/index.php/2011/03/01/bea-000286-failed-to-invoke-startup-class-jrf-startup-class-oraclejrfwlsjrfstartup/)

WebLogic Kerberos (SSO) Authentication Issue : Error 401 Forbidden : No Configuration was registered that can handle the configuration named com. sun. security. jgss. krb5. accept (http://www.onlineappsdba.com/index.php/2011/03/21/weblogic-kerberos-sso-authentication- issue-error-401-forbidden-no-configuration-was-registered-that-can-handle-the-configuration-named-com-sun-security-jgss-krb5-accept/)

How to reset Lost Oracle WebLogic Password for Fusion Middleware Applications

(http://www.onlineappsdba.com/index.php/2011/08/02/how-to-reset-lost-oracle-weblogic-password-for-fusion-middleware-applications/)

Oracle WebLogic Server Certification : 1Z0-108 Practice Question and Dumps

(http://www.onlineappsdba.com/index.php/2011/08/13/oracle-weblogic-server-certification-1z0-108-practice-question-and-dumps/)

WebLogic Startup fails with Unable to obtain lock on Server may already be running

(http://www.onlineappsdba.com/index.php/2011/08/16/weblogic-startup-fails-with-unable-to-obtain-lock-on-server-may-already-be-running/)

Oracle Weblogic 12c Launch : Attend online on 1 Dec 2011

(http://www.onlineappsdba.com/index.php/2011/11/20/oracle-weblogic-12c-launch-attend-on-1-dec-2011/)

Oracle WebLogic 12c (12.1.1) is now available to download

(http://www.onlineappsdba.com/index.php/2011/12/10/oracle-weblogic-12c-1211-is-now-available-to-download/)

How to Install WebLogic 12C (12.1.1) on Mac

(http://www.onlineappsdba.com/index.php/2011/12/11/how-to-install-weblogic-12c-1211-on-mac/)

Oracle #WebLogic Server 12c : SE vs EE vs Suite License Options

(http://www.onlineappsdba.com/index.php/2012/05/12/oracle-weblogic-server-12c-se-vs-ee-vs-suite-license-options/)

SSL in WebLogic (CA, KeyStore, Identity & Trust Store) : Things you must know – Part I (http://www.onlineappsdba.com/index.php/2013/02/05/ssl-in-weblogic-ca-keystore-identity-trust-store-things-you-must-know-part-i/)

SSL in WebLogic Server – Part II : Create KeyStore, generate CSR, Import CERT and configure KeyStore with WebLogic

(http://www.onlineappsdba.com/index.php/2013/02/10/ssl-in- weblogic-server-part-ii-create-keystore-generate-csr-import-cert-and-configure-keystore-with-weblogic/)

WebLogic Admin Server Start-up hanging at “Initializing self-tuning thread pool”

(http://www.onlineappsdba.com/index.php/2013/03/11/weblogic-admin-server-start-up-hanging-at-initializing-self-tuning-thread-pool/)

(7)

(Http://Www.Onlineappsdba.Com/Index.Php/Category/Troubleshooting/) » UCM (Http://Www.Onlineappsdba.Com/Index.Php/Category/Ucm/) » Uddi (Http://Www.Onlineappsdba.Com/Index.Php/Category/Uddi/) » Uncategorized (Http://Www.Onlineappsdba.Com/Index.Php/Category/Uncategorized/) » Unix (Http://Www.Onlineappsdba.Com/Index.Php/Category/Unix/) » Upgrade (Http://Www.Onlineappsdba.Com/Index.Php/Category/Upgrade/) » Vmware (Http://Www.Onlineappsdba.Com/Index.Php/Category/Vmware/) » Webcache (Http://Www.Onlineappsdba.Com/Index.Php/Category/Webcache/) » Webcenter (Http://Www.Onlineappsdba.Com/Index.Php/Category/Webcenter/) » Webgate (Http://Www.Onlineappsdba.Com/Index.Php/Category/Webgate/) » Weblogic (Http://Www.Onlineappsdba.Com/Index.Php/Category/Weblogic/) » Windows Ad (Http://Www.Onlineappsdba.Com/Index.Php/Category/Windows­ Ad/) » Wlst (Http://Www.Onlineappsdba.Com/Index.Php/Category/Wlst/) » Workflow (Http://Www.Onlineappsdba.Com/Index.Php/Category/Workflow/)

Archive

» September 2014 (Http://Www.Onlineappsdba.Com/Index.Php/2014/09/) » June 2014 (Http://Www.Onlineappsdba.Com/Index.Php/2014/06/) » May 2014 (Http://Www.Onlineappsdba.Com/Index.Php/2014/05/) » April 2014 (Http://Www.Onlineappsdba.Com/Index.Php/2014/04/) » March 2014 (Http://Www.Onlineappsdba.Com/Index.Php/2014/03/) » February 2014 (Http://Www.Onlineappsdba.Com/Index.Php/2014/02/) » January 2014 (Http://Www.Onlineappsdba.Com/Index.Php/2014/01/) » December 2013 (Http://Www.Onlineappsdba.Com/Index.Php/2013/12/) » November 2013 (Http://Www.Onlineappsdba.Com/Index.Php/2013/11/)

Error in WebLogic Clustering : socket MaxMessage Size Exceeded Exception

(http://www.onlineappsdba.com/index.php/2013/05/31/error-in-weblogic-clustering-socket-maxmessage-size-exceeded-exception/)

Changed or New Features in WebLogic 12.1.2

(http://www.onlineappsdba.com/index.php/2013/08/07/changed-or-new-features-in-weblogic-12-1-2/)

WebLogic SSL configuration : Inconsistent security configuration Cannot convert identity certificate (http://www.onlineappsdba.com/index.php/2013/08/08/weblogic-ssl-configuration-inconsistent-security-configuration-cannot-convert-identity-certificate/)

Dynamic Cluster in WebLogic 12.1.2 : New Features in WebLogic 12c

(http://www.onlineappsdba.com/index.php/2013/08/26/dynamic-cluster-in-weblogic-12-1-2-new-features-in-weblogic-12c/)

Identity Propagation between two WebLogic Domains : Cross Domain Security VS Global Trust (http://www.onlineappsdba.com/index.php/2013/11/04/identity-propagation-between-two-weblogic-domains-cross-domain-security-vs-global-trust/)

WebLogic Admin Server Start Up hangs at ‘Log Management’ BEA-170019 IIOP subsystem enabled (http://www.onlineappsdba.com/index.php/2014/01/15/weblogic-admin-server-start-up-hangs-at-log-management-bea-170019-iiop-subsystem-enabled/)

Security:090294 could not get connection javax. net. ssl. SSLKeyException FATAL Alert BAD_CERTIFICATE – A corrupt or unuseable certificate was received

(http://www.onlineappsdba.com/index.php/2014/02/07/security090294-could-not-get- connection-javax-net-ssl-sslkeyexception-fatal-alert-bad_certificate-a-corrupt-or-unuseable-certificate-was-received/)

WLST connecting to WebLogic Admin Server failed : Bootstrap to [IP:Port] failed. It is likely that the remote side declared peer gone on this JVM

(http://www.onlineappsdba.com/index.php/2014/02/18/wlst-connecting-to-weblogic-admin- server-failed-bootstrap-to-ipport-failed-it-is-likely-that-the-remote-side-declared-peer-gone-on-this-jvm/)

6 Responses to “Security in Oracle WebLogic : Realm, Security Provider, Authentication, Authorization, Users”

Luis says:

December 9, 2008 at 12:59 pm (http://www.onlineappsdba.com/index.php/2008/11/22/security- in-oracle-weblogic-realm-security-provider-authentication-authorization-users/#comment-24589)

Hello,

I have just installed Oracle BEA Weblogic 10.3 on my Linux machine and everything is working fine. Now I am wondering how I can integrate Oracle Single Sign On with Weblogic (actually I would like to know whether this is possible or not) or what is the best solution to implement Single Sign On on a Weblogic environment.

Thank You Luis

Reply (/index.php/2008/11/22/security-in-oracle-weblogic-realm-security-provider-authentication-authorization-users/?replytocom=24589#respond)

(8)

» October 2013 (Http://Www.Onlineappsdba.Com/Index.Php/2013/10/) » September 2013 (Http://Www.Onlineappsdba.Com/Index.Php/2013/09/) » August 2013 (Http://Www.Onlineappsdba.Com/Index.Php/2013/08/) » July 2013 (Http://Www.Onlineappsdba.Com/Index.Php/2013/07/) » June 2013 (Http://Www.Onlineappsdba.Com/Index.Php/2013/06/) » May 2013 (Http://Www.Onlineappsdba.Com/Index.Php/2013/05/) » April 2013 (Http://Www.Onlineappsdba.Com/Index.Php/2013/04/) » March 2013 (Http://Www.Onlineappsdba.Com/Index.Php/2013/03/) » February 2013 (Http://Www.Onlineappsdba.Com/Index.Php/2013/02/) » January 2013 (Http://Www.Onlineappsdba.Com/Index.Php/2013/01/) » December 2012 (Http://Www.Onlineappsdba.Com/Index.Php/2012/12/) » November 2012 (Http://Www.Onlineappsdba.Com/Index.Php/2012/11/) » October 2012 (Http://Www.Onlineappsdba.Com/Index.Php/2012/10/) » September 2012 (Http://Www.Onlineappsdba.Com/Index.Php/2012/09/) » August 2012 (Http://Www.Onlineappsdba.Com/Index.Php/2012/08/) » July 2012 (Http://Www.Onlineappsdba.Com/Index.Php/2012/07/) » June 2012 (Http://Www.Onlineappsdba.Com/Index.Php/2012/06/) » May 2012 (Http://Www.Onlineappsdba.Com/Index.Php/2012/05/) » April 2012 (Http://Www.Onlineappsdba.Com/Index.Php/2012/04/) » March 2012 (Http://Www.Onlineappsdba.Com/Index.Php/2012/03/) » February 2012 (Http://Www.Onlineappsdba.Com/Index.Php/2012/02/) » January 2012 (Http://Www.Onlineappsdba.Com/Index.Php/2012/01/) » December 2011 (Http://Www.Onlineappsdba.Com/Index.Php/2011/12/) » November 2011 (Http://Www.Onlineappsdba.Com/Index.Php/2011/11/) Charan says: June 6, 2009 at 10:48 am (http://www.onlineappsdba.com/index.php/2008/11/22/security-in-oracle-weblogic-realm-security-provider-authentication-authorization-users/#comment-70290)

First of all thanks for providing help in WL. Your tutorials are very good for learners.

could you also provide tutorials on how to install SSL certificates(step-by-step guide) and starting and stopping server instances using node manager

Reply (/index.php/2008/11/22/security-in-oracle-weblogic-realm-security-provider-authentication-authorization-users/?replytocom=70290#respond)

Kanchana Devi says:

July 28, 2009 at 8:54 am (http://www.onlineappsdba.com/index.php/2008/11/22/security-in-oracle-weblogic-realm-security-provider-authentication-authorization-users/#comment-75383)

Hi Atul,

We are facing a strange issue in Myrealms of staging domain. we have configured the Active directory authenticator for provider. in AD we have arround 1300 users. so when we click on myrealms and users and groups tab it takes 8 minutes to display all the users.

but in Test domain this is not the case, we have only 600+ users and it takes only 3 seconds to display them all.

so i did lot of test to check if user limitation is there in WL. and found till 990 it displays faster but it crosses even one user it takes 8 minutes.

do you have any comments or suggestion to this.

as we have arround 10 thousand users in Production and we have to resolve this issue. thanks a lot for your help!!.

-Kanchana Reply (/index.php/2008/11/22/security-in-oracle-weblogic-realm-security-provider-authentication-authorization-users/?replytocom=75383#respond) Jayesh says: July 29, 2009 at 12:20 pm (http://www.onlineappsdba.com/index.php/2008/11/22/security-in-oracle-weblogic-realm-security-provider-authentication-authorization-users/#comment-75486) Hi Atul,

I have the follwing environment..

Oracle ADF Application deployed on oracle weblogic 10g r3 server. Implemented ADF authentication and Authorization that uses JAAS. Configured a Active Directory LDAP(i.e. ADAM) as the Security provider.

ADF Authentication and Authorization is working well, when we create user in Weblogic LDAP(embedded LDAP server) and assign group to it.

The issue I have is as follows:

In my AD LDAP We don’t have group stored.

(9)

» October 2011 (Http://Www.Onlineappsdba.Com/Index.Php/2011/10/) » September 2011 (Http://Www.Onlineappsdba.Com/Index.Php/2011/09/) » August 2011 (Http://Www.Onlineappsdba.Com/Index.Php/2011/08/) » July 2011 (Http://Www.Onlineappsdba.Com/Index.Php/2011/07/) » June 2011 (Http://Www.Onlineappsdba.Com/Index.Php/2011/06/) » May 2011 (Http://Www.Onlineappsdba.Com/Index.Php/2011/05/) » April 2011 (Http://Www.Onlineappsdba.Com/Index.Php/2011/04/) » March 2011 (Http://Www.Onlineappsdba.Com/Index.Php/2011/03/) » February 2011 (Http://Www.Onlineappsdba.Com/Index.Php/2011/02/) » January 2011 (Http://Www.Onlineappsdba.Com/Index.Php/2011/01/) » December 2010 (Http://Www.Onlineappsdba.Com/Index.Php/2010/12/) » November 2010 (Http://Www.Onlineappsdba.Com/Index.Php/2010/11/) » October 2010 (Http://Www.Onlineappsdba.Com/Index.Php/2010/10/) » September 2010 (Http://Www.Onlineappsdba.Com/Index.Php/2010/09/) » August 2010 (Http://Www.Onlineappsdba.Com/Index.Php/2010/08/) » July 2010 (Http://Www.Onlineappsdba.Com/Index.Php/2010/07/) » June 2010 (Http://Www.Onlineappsdba.Com/Index.Php/2010/06/) » May 2010 (Http://Www.Onlineappsdba.Com/Index.Php/2010/05/) » April 2010 (Http://Www.Onlineappsdba.Com/Index.Php/2010/04/) » March 2010 (Http://Www.Onlineappsdba.Com/Index.Php/2010/03/) » February 2010 (Http://Www.Onlineappsdba.Com/Index.Php/2010/02/) » January 2010 (Http://Www.Onlineappsdba.Com/Index.Php/2010/01/) » December 2009 (Http://Www.Onlineappsdba.Com/Index.Php/2009/12/) » November 2009 (Http://Www.Onlineappsdba.Com/Index.Php/2009/11/)

SUBMIT COMMENT

I don’t want to have groups in my AD LDAP and get authorized. Please help in solving this.

Reply (/index.php/2008/11/22/security-in-oracle-weblogic-realm-security-provider-authentication-authorization-users/?replytocom=75486#respond) Paul says: May 4, 2010 at 3:19 pm (http://www.onlineappsdba.com/index.php/2008/11/22/security-in-oracle-weblogic-realm-security-provider-authentication-authorization-users/#comment-99130) Hi Atul,

After the installation of the WebLogic and WebCenter, everything looks working fine. Only one thing I don’t see on the top of the webCenter Spaces, and that is “Administrator” menu on the top. I looked at the weblogic admin user group and it is set to default administrator. Any thoughts/idea on this problem? The weblogiv version is 10.3.2 & webcenter Spaces version is 11.1.1.2

Thanks for your time. Best Regards, Paul. Reply (/index.php/2008/11/22/security-in-oracle-weblogic-realm-security-provider-authentication-authorization-users/?replytocom=99130#respond) Mike says: February 17, 2012 at 1:16 pm (http://www.onlineappsdba.com/index.php/2008/11/22/security- in-oracle-weblogic-realm-security-provider-authentication-authorization-users/#comment-207987)

We have some Web Services written in Java that are secured using the WebLogic myrealm security realm.

Is there a way for the protected Web Service to retrieve the User ID from the credentials used to access the service?

Reply (/index.php/2008/11/22/security-in-oracle-weblogic-realm-security-provider-authentication-authorization-users/?replytocom=207987#respond)

Leave a Reply

Name *

Email (will not be published) * Website

(10)

» October 2009 (Http://Www.Onlineappsdba.Com/Index.Php/2009/10/) » September 2009 (Http://Www.Onlineappsdba.Com/Index.Php/2009/09/) » August 2009 (Http://Www.Onlineappsdba.Com/Index.Php/2009/08/) » July 2009 (Http://Www.Onlineappsdba.Com/Index.Php/2009/07/) » June 2009 (Http://Www.Onlineappsdba.Com/Index.Php/2009/06/) » May 2009 (Http://Www.Onlineappsdba.Com/Index.Php/2009/05/) » April 2009 (Http://Www.Onlineappsdba.Com/Index.Php/2009/04/) » March 2009 (Http://Www.Onlineappsdba.Com/Index.Php/2009/03/) » February 2009 (Http://Www.Onlineappsdba.Com/Index.Php/2009/02/) » January 2009 (Http://Www.Onlineappsdba.Com/Index.Php/2009/01/) » December 2008 (Http://Www.Onlineappsdba.Com/Index.Php/2008/12/) » November 2008 (Http://Www.Onlineappsdba.Com/Index.Php/2008/11/) » October 2008 (Http://Www.Onlineappsdba.Com/Index.Php/2008/10/) » September 2008 (Http://Www.Onlineappsdba.Com/Index.Php/2008/09/) » August 2008 (Http://Www.Onlineappsdba.Com/Index.Php/2008/08/) » July 2008 (Http://Www.Onlineappsdba.Com/Index.Php/2008/07/) » June 2008 (Http://Www.Onlineappsdba.Com/Index.Php/2008/06/) » May 2008 (Http://Www.Onlineappsdba.Com/Index.Php/2008/05/) » April 2008 (Http://Www.Onlineappsdba.Com/Index.Php/2008/04/) » March 2008 (Http://Www.Onlineappsdba.Com/Index.Php/2008/03/) » February 2008 (Http://Www.Onlineappsdba.Com/Index.Php/2008/02/) » January 2008 (Http://Www.Onlineappsdba.Com/Index.Php/2008/01/) » December 2007 (Http://Www.Onlineappsdba.Com/Index.Php/2007/12/) » November 2007 (Http://Www.Onlineappsdba.Com/Index.Php/2007/11/)

(11)

» October 2007 (Http://Www.Onlineappsdba.Com/Index.Php/2007/10/) » September 2007 (Http://Www.Onlineappsdba.Com/Index.Php/2007/09/) » August 2007 (Http://Www.Onlineappsdba.Com/Index.Php/2007/08/) » July 2007 (Http://Www.Onlineappsdba.Com/Index.Php/2007/07/) » June 2007 (Http://Www.Onlineappsdba.Com/Index.Php/2007/06/) » May 2007 (Http://Www.Onlineappsdba.Com/Index.Php/2007/05/) » April 2007 (Http://Www.Onlineappsdba.Com/Index.Php/2007/04/) » March 2007 (Http://Www.Onlineappsdba.Com/Index.Php/2007/03/) » February 2007 (Http://Www.Onlineappsdba.Com/Index.Php/2007/02/) » January 2007 (Http://Www.Onlineappsdba.Com/Index.Php/2007/01/) » December 2006 (Http://Www.Onlineappsdba.Com/Index.Php/2006/12/) » November 2006 (Http://Www.Onlineappsdba.Com/Index.Php/2006/11/) » October 2006 (Http://Www.Onlineappsdba.Com/Index.Php/2006/10/) » September 2006 (Http://Www.Onlineappsdba.Com/Index.Php/2006/09/) » August 2006 (Http://Www.Onlineappsdba.Com/Index.Php/2006/08/) » July 2006 (Http://Www.Onlineappsdba.Com/Index.Php/2006/07/)

« «Previous Post

(http://www.onlineappsdba.com/index.php/2008/11/21/verify-cbo-stats-and-database-initalization-parameters-for-11i/)

Next Post

(http://www.onlineappsdba.com/index.php/2008/11/24/upgrade-oracle-application-server-to-10134-10g-r3-patchset-4/)» »

About k21 technologies

K21 Technologies is among the most experienced Oracle Gold Partner for Identity Access Management service providers. We work with application development companies and in-house technology division to help achieve significant returns on their IT security investment. Our clientele includes some of the globally renowned corporate, which speaks of our expertise in our field.

We have the most talented and experienced team that can swiftly deploy security solutions even in complex IT ecosystem. Our clients highly appreciate our timely implementation, interactive training, on-demand support and community resources.

COMPANY

(12)

» Mission & Values (http://k21technologies.com/mission-values/)

» Our Clients (http://k21technologies.com/our-clients/)

SERVICES

» Mobile Application Security (http://k21technologies.com/security-in-mobile-application/)

» Cloud Application Security (http://k21technologies.com/security-in-cloud-application/)

» IAM Implementation (http://k21technologies.com/oracle-identity-access-management-implementation/)

» IAM Health Check (http://k21technologies.com/iam-health-check/)

» Implementation (http://k21technologies.com/consulting-and-implementation/)

» Support (http://k21technologies.com/support/)

PRODUCTS

» Training (http://trainings.k21technologies.com/)

RESOURCES

» Case Studies (http://k21technologies.com/case-studies/)

» User Groups (http://k21technologies.com/user-groups/)

» Books (http://k21technologies.com/books/) » Events (http://k21technologies.com/events/) » FRIENDS OF K21 (http://k21technologies.com/friends-of-k21/) » Career (http://k21technologies.com/career/)

CONTACTS

K21 Technologies 8 Magnolia Place, Harrow, London, HA2 6DS

UK: +44(0)7476444481 USA: +1-888-414-1821

References

Download now ( PDF - 12 Page - 1.10 MB )

Related documents

Important note To cite this publication, please use the final published version (if applicable). Please check the document version above.

We propose a method to construct a near-optimal control law by means of model-based reinforcement learning and subsequently verifying the reachability and safety of the

WebLogic Server 7.0 Single Sign-On: An Overview

Provided as a critical piece of the WebLogic Security Framework, the concept of identity assertion allows WebLogic Server 7.0 to utilize the authentication mechanism provided

Oracle WebLogic Server

z Chapter 4, “Configuring and Capturing Diagnostic Images,” describes how to configure and use the WLDF Diagnostic Image Capture component to capture a snapshot of significant

Oracle Fusion Middleware 11g Release 1 IDM Suite

• OPSS comprises Oracle WebLogic Server's internal security framework and Oracle's security framework (referred to as Oracle Platform Security or OPS).. How much IDM can

Security Guide. Oracle Utilities Customer Care and Billing Version (OUAF ) F April 2021

• If you are using a service provider like Oracle Identity Suite or Oracle Access Manager in association with Oracle WebLogic, then refer to the documentation provided with

University of Dundee. Published in: Toxicological Sciences. DOI: /toxsci/kfx104. Publication date: Document Version Peer reviewed version

We previously demonstrated Constitutive Androstane Receptor (CAR) and WNT signaling-dependent up- regulation of the pluripotency associated Dlk1-Dio3 imprinted gene

Oracle WebLogic Server

Optionally add Java code to a component of your Web application, such as a servlet, if you want the pub-sub server to publish messages to the channels, filter messages from clients,

Oracle im Open Source Kontext Abgrenzung GlassFish vs. JBoss und wozu noch WebLogic?

Oracle WebLogic Server – Use Case Cloud Computing (Provider). • Cloud Application