*
The moose likes BEA/Weblogic and the fly likes Weblogic 8.1 / JAAS Authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » BEA/Weblogic
Bookmark "Weblogic 8.1 / JAAS Authentication" Watch "Weblogic 8.1 / JAAS Authentication" New topic
Author

Weblogic 8.1 / JAAS Authentication

Anonymous
Ranch Hand

Joined: Nov 22, 2008
Posts: 18944
Hi all,
We've been trying to use JAAS in our application to authenticate and authorize people. Cause our userdata is stored in a database we provided
an own LoginModule which accesses the database and calls the callback handlers method.This Login Module worked fine on Tomcat. Now we move the stuff to BEA and run into problems. It seems that our LoginModule isn't called and so the user access is always denied.

We started the app with -Djava.security.auth.login.config=%WL_HOME%\server\lib\jaas.config

The file contains:


Do we have to provide something else so our LoginModule is used ?
I read something about a Authenticator which has to be definied in the
security realm. And this class contains which LoginModule to use.
But is this really necessary ?

Hope you can gelp me. Thx in Advance

Oliver

BTW: Here is what i get in the audit log:

<admin><AUTHENTICATE>>> <FailureException =javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User admin javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User admin denied>
Marcos Maia
Ranch Hand

Joined: Jan 06, 2001
Posts: 977
Hi,

you'll find good information on this at:

http://edocs.bea.com/wls/docs81/security/index.html

regards.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Weblogic 8.1 / JAAS Authentication
 
Similar Threads
A Question for JBoss at Work Authors
Security Question for JBoss at Work Authors
JAAS vs InitialContext authentication
JAAS client problem in mastering EJB
Using JAAS to authenticate tomcat users