Hi, I am using weblogic 8.1 portal server. I have configured it with open LDAP server for authenticating users. I can do authentication for my portal application of the users through embedded (internal) LDAP but we need to authenticate users from open LDAP also. I need help regarding that only. There are some users in embedded LDAP and some in open LDAP. All of the users should get authenticated with the weblogic. I can see the users in open LDAP thru the security realm in my weblogic server but can't use them for authentication.
I haven't done this, but it is on my to-do list. I believe one has to set the Control Flag of the Authenticator Provider to "SUFFICIENT" for both realms. Configuring Security Providers
It will be great if you can just try the settings at your place once as I have tried with many permutations and combinations at my place and I know I must be missing something somewhere and hence I could not get the desired result. Looking forward to your reply.
I got it to work. I have a single realm with two Authenticators: a DefaultAuthenticator for the embedded LDAP and a SunOneAuthenticator for my external LDAP (We use SunOne which is Sun's branded version of OpenLDAP). Each Authenticator is set to "SUFFICIENT". The provider-specific set-up of the Authenticator is non-trivial and probably differs between our directories. Do you have an LDAP admin who can help you out with the configuration?
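Added example (not part of any post in this thread, and not WebLogic code): a small model of the standard JAAS control-flag rules, showing why a chain with one Authenticator at REQUIRED rejects users who exist only in the other directory, while two SUFFICIENT Authenticators accept users from either. It assumes the Authenticator Control Flag follows those JAAS rules; the name ExternalLDAPAuthenticator, the user names and the store contents are constructed.

```python
# Added example: standard JAAS control-flag evaluation over a provider chain.
# Provider names, user names and store contents are constructed sample data.

EMBEDDED = {"embedded_user"}   # users held in the embedded LDAP (constructed)
EXTERNAL = {"ldap_user"}       # users held in the external LDAP (constructed)

FIRST_REQUIRED = [
    ("DefaultAuthenticator", "REQUIRED", EMBEDDED),
    ("ExternalLDAPAuthenticator", "SUFFICIENT", EXTERNAL),  # hypothetical name
]
BOTH_SUFFICIENT = [
    ("DefaultAuthenticator", "SUFFICIENT", EMBEDDED),
    ("ExternalLDAPAuthenticator", "SUFFICIENT", EXTERNAL),
]

def authenticate(chain, user):
    """Return (overall_result, trace) for one login attempt.

    chain is an ordered list of (provider, control_flag, known_users).
    Set membership stands in for the provider's real credential check.
    """
    mandatory = any(f in ("REQUIRED", "REQUISITE") for _, f, _ in chain)
    mandatory_failed = False
    any_success = False
    trace = []
    for provider, flag, users in chain:
        ok = user in users
        trace.append((provider, flag, ok))
        any_success = any_success or ok
        if flag in ("REQUIRED", "REQUISITE") and not ok:
            mandatory_failed = True
            if flag == "REQUISITE":
                break              # REQUISITE failure ends the chain at once
        elif flag == "SUFFICIENT" and ok and not mandatory_failed:
            return True, trace     # SUFFICIENT success short-circuits
    if mandatory_failed:
        return False, trace
    # With no REQUIRED/REQUISITE provider, at least one provider must succeed.
    return (True if mandatory else any_success), trace

if __name__ == "__main__":
    for label, chain in (("first REQUIRED", FIRST_REQUIRED),
                         ("both SUFFICIENT", BOTH_SUFFICIENT)):
        for user in ("embedded_user", "ldap_user", "unknown_user"):
            print(label, user, authenticate(chain, user)[0])
```

With both providers SUFFICIENT, provider order decides which directory is consulted first, and a user name present in both directories is accepted if either one accepts the credentials.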
Originally posted by Soumik Basu: Please find my LDIF file below and let me know if there is anything wrong in it.
If your LDAP server is fine with it, I am. Can you see the users from OpenLDAP in the weblogic console realm user browser? If not, the OpenLDAP Authenticator isn't configured correctly and that's the source of your problem.
I am very new to Open LDAP so can you please tell me how to put groups in security constraints as mentioned by you. Is it possible for you to share your contact number, with your convenient time, such that I can call you up and resolve this issue at the earliest. [ October 29, 2008: Message edited by: Soumik Basu ]
I'm not going to call you directly for the reasons stated here, and I suggest you remove your phone number immediately unless you want calls from unscrupulous individuals. You can edit your post by clicking on the icon above your post. Security constraints are declared in your web application's web.xml file. You should have a <security-constraint> block. Within that block will be an <auth-constraint> block. Within that block are <role-name>. The name in that tag should correspond to the group name assigned to a user in LDAP. If the user isn't a member of that group, they can't log in. You can have multiple <security-constraint> blocks to restrict different parts of your application to different users/groups.
Joe, Thanks for your help and guidance. I had finally configured and authenticated my weblogic portal with open LDAP. There was a problem in my open LDAP server only. There were some issues with rights ..... I had to modify my slapd.conf file to get the output. Thanks again buddy!!!