Weblogic中配置Active Directory Authentication Provider
其要点或者容易出错的关键点是:(<>及其中说明表明须要替换的内容)web
Host: ads.yourdomain.com Host填AD服务器的域名或IP服务器
Port: 389 Port默认389端口,能够用telnet <ad server ip> 389 来测试你的域控端口是否能够访问app
Principal: cn=Administrator,cn=Users,dc=yourdomain,dc=com cn填管理员用户名,dc dc 把域名拆开写就能够了dom
Credential: ******* 你的管理员密码ide
Confirm Credential: ******* 再一遍测试
Users ui
User Base DN: cn=Users,dc=yourdomain,dc=com 3d
User From Name Filter: (&(samAccountName=%u)(objectclass=user))server
User Name Attribute: samAccountNamexml
Groups
Group Base DN: cn=Users,dc=yourdomain,dc=com
Group From Name Filter: (&(cn=%g)(objectclass=group))
Configuring Active Directory Authenticator with Weblogic Server
Weblogic Server comes with an Embedded LDAP Server which acts as the Default Provider for authentication, authorization and rolemapping.Since authentication is based on JAAS ( Java Authentication and Authorization Service), we can have external providers as well.These providers can be Out Of the Box Providers provided by WLS or Custom Providers which can be plugged in. I’ll discuss that in some other article.
These are some of the providers
WLS does provide an out of the box provider for Active Directory.
These are the steps to configure it.
Step 1). Open Active Directory Console
Step 2). Create a User 
Step 3). Assign it to Administrator Group. This is required as Active Directory gives connection only to Admin User. 
Step 4). Go to Weblogic Server and Create an Active Directory Authentication Provider 
Step 5) Under Provider Specific, provide the following values, leave the others as default.
Propagate Cause For Login Exception ( checked)
Principal :CN=aduser,CN=Users,DC=faisal,DC=bea,DC=com
User Base Dn : CN=Users,DC=faisal,DC=bea,DC=com
Credential : XXXXXX
Group Base Dn: CN=Users,DC=faisal,DC=bea,DC=com
You should see the following in the config.xml
<sec:authentication-provider xsi:type=”wls:active-directory-authenticatorType”>
<sec:name>ActiveDirectory</sec:name>
<sec:control-flag>SUFFICIENT</sec:control-flag>
<wls:propagate-cause-for-login-exception>false</wls:propagate-cause-for-login-exception>
<wls:principal>CN=aduser,CN=Users,DC=faisal,DC=bea,DC=com</wls:principal>
<wls:user-base-dn>CN=Users,DC=faisal,DC=bea,DC=com</wls:user-base-dn>
<wls:credential-encrypted>{3DES}YoOwqSH1jxsOlvUmAYOENw==</wls:credential-encrypted>
<wls:group-base-dn>CN=Users,DC=faisal,DC=bea,DC=com</wls:group-base-dn>
</sec:authentication-provider>
Step 6) Change the control flag of the Active Directory Authenticator and the Default Authenticator to SUFFICIENT 
Step 7) Restart your server. Go to myrealm. You should be able to see the users and groups from the Active Directory. 
- 1. Windows Azure 配置Active Directory 主机(3)
- 2. Office365 Active Directory同步配置筛选
- 3. Windows Azure 配置Active Directory 主机(4)
- 4. Windows Server 2003 Active Directory 配置指南
- 5. 配置Operations Manager与Active Directory集成
- 6. Windows Azure 配置Active Directory 主机(2)
- 7. Active Directory 账号迁移配置介绍
- 8. Spring Security 的Authentication Provider
- 9. MyEclipse中weblogic配置
- 10. weblogic中配置domain
- 更多相关文章...
- • Eclipse Debug 配置 - Eclipse 教程
- • Maven 环境配置 - Maven教程
- • IntelliJ IDEA 代码格式化配置和快捷键
- • IDEA下SpringBoot工程配置文件没有提示
-
每一个你不满意的现在,都有一个你没有努力的曾经。
- 1. 「插件」Runner更新Pro版,帮助设计师远离996
- 2. 错误 707 Could not load file or assembly ‘Newtonsoft.Json, Version=12.0.0.0, Culture=neutral, PublicKe
- 3. Jenkins 2018 报告速览,Kubernetes使用率跃升235%!
- 4. TVI-Android技术篇之注解Annotation
- 5. android studio启动项目
- 6. Android的ADIL
- 7. Android卡顿的检测及优化方法汇总(线下+线上)
- 8. 登录注册的业务逻辑流程梳理
- 9. NDK(1)创建自己的C/C++文件
- 10. 小菜的系统框架界面设计-你的评估是我的决策
- 1. Windows Azure 配置Active Directory 主机(3)
- 2. Office365 Active Directory同步配置筛选
- 3. Windows Azure 配置Active Directory 主机(4)
- 4. Windows Server 2003 Active Directory 配置指南
- 5. 配置Operations Manager与Active Directory集成
- 6. Windows Azure 配置Active Directory 主机(2)
- 7. Active Directory 账号迁移配置介绍
- 8. Spring Security 的Authentication Provider
- 9. MyEclipse中weblogic配置
- 10. weblogic中配置domain