• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

war, weblogic 8.1 and security realm's

 
Ranch Hand
Posts: 97
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hello guys.

please help me. where am I wrong?

in weblogic 8.1 server we have default security realm called myrealm. I created user user123 with password in this realm and deployed simple web application (WAR) with basic authorisation. in web.xml of this application I have:


...
<login-config>
...
<realm-name>myrealm</realm-name>
...
</login-config>
...


and tried this application.
everything works perfectly well.

then I decided to create new (second) security realm superx. I decided that I will keep all users for my web application in this new realm.
so, now we have myrealm (as default), and superx. I removed user from myrealm and added to superx. modified web.xml of my web application:


...
<login-config>
...
<realm-name>superx</realm-name>
...
</login-config>
...


and tried this application.
it doesn't work now! why?!

now, I set my superx as default realm, so myrealm is not default now. tried application once again, and it works!!!


what's the problem?
it looks like that my realm-name from web.xml is absolutely ignored, and my web application can "see" only default realm.

what I am doing wrong?

thanks!
[ February 11, 2005: Message edited by: Olexiy Prokhorenko ]
 
Ranch Hand
Posts: 977
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

weblogic supports as many realms as you want to be configured but ONLY ONE ACTIVE at a time, so this is expected.

regards.
 
Olexiy Prokhorenko
Ranch Hand
Posts: 97
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello Marcos,

Thank you for your reply. I understood.

The only thing that I need is to have few Web applications (WAR) deployed on WebLogic 8.1 Server, in one domain, all of them will need to use _container_managed_security_ (FORM/Basic authorisation) - but I need all of them NOT to use the only ONE common resource of users.

At the moment, all these Web applications are using default realm, and understand users only from this realm.
But I need for the first Web app. to see one list of users, other Web app. - to see other list of users, etc.

Is there any way to do that in WebLogic?

Thanks!
 
Marcos Maia
Ranch Hand
Posts: 977
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

You can configure different groups and roles and then using Security Policies get the behavior you need. Look at:

http://e-docs.bea.com/wls/docs81/secintro/realm_chap.html#1036939

regards.
 
reply
    Bookmark Topic Watch Topic
  • New Topic