• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Aunthentication Problem:URGENT

 
Ranch Hand
Posts: 148
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
How will u set the Aunthentication for a user in Weblogic6.0
 
Ranch Hand
Posts: 293
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Vinod,
There are a couple of different security-authentication mechanisms you can employ with WebLogic Server. The simplest thing to do would be to use the default fileRealm (ok for apps with less than 1000 users). Do the following:
1. Add some new users (and possibly groups) from within the Admin Console.
2. In the weblogic.xml file, set up a new role, and assign a group (or individual(s)) to that role, such as:
<security-role-assignment>
<role-name>administrator</role-name>
<principal-name>MyAdminGroup</principal-name>
</security-role-assignment>
The <role-name> can be anything you want, and the <principal-name> matches to a group or name that you defined in the Admin Console.
3. Lastly, restrict a resource to that security role. This is done in the web.xml file, such as:
<security-role>
<role-name>administrator</role-name>
</security-role>
<security-constraint>
<web-resource-collection>
<web-resource-name>SecretAdminApp</web-resource-name>
<url-pattern>/secret.jsp</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>administrator</role-name>
</auth-constraint>
</security-constraint>
For enterprise, world-class apps however, you wouldn't want to keep all of your security information in the fileRealm.properties file. Instead you would probably want to go with another mechanism.
--------------------
Joe McGuire
Sun Certified Java™ 2 Programmer, BEA WLS Certified Developer
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
reply
    Bookmark Topic Watch Topic
  • New Topic