File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes BEA/Weblogic and the fly likes war, weblogic 8.1 and security realm's Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Products » BEA/Weblogic
Bookmark "war, weblogic 8.1 and security realm Watch "war, weblogic 8.1 and security realm New topic
Author

war, weblogic 8.1 and security realm's

Olexiy Prokhorenko
Ranch Hand

Joined: Jul 11, 2004
Posts: 97
hello guys.

please help me. where am I wrong?

in weblogic 8.1 server we have default security realm called myrealm. I created user user123 with password in this realm and deployed simple web application (WAR) with basic authorisation. in web.xml of this application I have:

...
<login-config>
...
<realm-name>myrealm</realm-name>
...
</login-config>
...

and tried this application.
everything works perfectly well.

then I decided to create new (second) security realm superx. I decided that I will keep all users for my web application in this new realm.
so, now we have myrealm (as default), and superx. I removed user from myrealm and added to superx. modified web.xml of my web application:

...
<login-config>
...
<realm-name>superx</realm-name>
...
</login-config>
...

and tried this application.
it doesn't work now! why?!

now, I set my superx as default realm, so myrealm is not default now. tried application once again, and it works!!!


what's the problem?
it looks like that my realm-name from web.xml is absolutely ignored, and my web application can "see" only default realm.

what I am doing wrong?

thanks!
[ February 11, 2005: Message edited by: Olexiy Prokhorenko ]

<a href="http://www.BossTalks.com" target="_blank" rel="nofollow">http://www.BossTalks.com</a><br />Free advices and help for entrepreneurs: from Idea to IPO<br />Software and IT Project Management forum
Marcos Maia
Ranch Hand

Joined: Jan 06, 2001
Posts: 977
Hi,

weblogic supports as many realms as you want to be configured but ONLY ONE ACTIVE at a time, so this is expected.

regards.
Olexiy Prokhorenko
Ranch Hand

Joined: Jul 11, 2004
Posts: 97
Hello Marcos,

Thank you for your reply. I understood.

The only thing that I need is to have few Web applications (WAR) deployed on WebLogic 8.1 Server, in one domain, all of them will need to use _container_managed_security_ (FORM/Basic authorisation) - but I need all of them NOT to use the only ONE common resource of users.

At the moment, all these Web applications are using default realm, and understand users only from this realm.
But I need for the first Web app. to see one list of users, other Web app. - to see other list of users, etc.

Is there any way to do that in WebLogic?

Thanks!
Marcos Maia
Ranch Hand

Joined: Jan 06, 2001
Posts: 977
Hi,

You can configure different groups and roles and then using Security Policies get the behavior you need. Look at:

http://e-docs.bea.com/wls/docs81/secintro/realm_chap.html#1036939

regards.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: war, weblogic 8.1 and security realm's
 
Similar Threads
Help with https implementation
problem in upgrading wl6 to wl 8.1
Realm question
EJB and Security (JAAS)
Problems with use of security realm with custom authentication provider???