File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes BEA/Weblogic and the fly likes LDAP authentication in Weblogic 8.1 sp4 Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » BEA/Weblogic
Bookmark "LDAP authentication in Weblogic 8.1 sp4" Watch "LDAP authentication in Weblogic 8.1 sp4" New topic
Author

LDAP authentication in Weblogic 8.1 sp4

p kiran
Greenhorn

Joined: Sep 13, 2005
Posts: 7
Hi,

We have a web application which interacts to the D/B to authenticate a user during our login process. Now we are trying to change the login to LDAP authentication. Here is the List I did on weblogic configuration correct me if this is correct or if am missing any thing.
1. Created a Realm
2. Created a NOVELL LDAP Authenticator (configured user, groups, members, Novell LDAP, Details)
3. Created a X.509 certificates ??? Do I need to create this one for authentication. The only question is I am confused by these parameters and help me out in figuring out these:
a. filter attributes = cn=$subj.cn
b. username attribute = cn
c. userCertificate;binary ??? ( I have a certificate idmtree.der where do I add configuration about this certificate in the console)>>>>>>>>
d. certificate mapping : ou=user,ou=$subj.ou,o=$subj.o,c=$subj.c (IS THIS CORRECT)
4. created a new Weblogic Default Authorizer...
5. created a new Weblogic Default Role Mapper...
6. created a new Weblogic Default Credential Mapper ...(Do I need to setup my certificate inside this credential mapper or not.)

7. I made this realm as the DEFAULT realm and started the server
I get the following exception.

Initializing RoleMapper provider using LDIF template file C:\bea\user_projects\domains\mydomain\.\DefaultRoleMapperInit.ldift.>

The RoleMapper provider has had its LDIF information loaded from: C:\bea\user_projects\domains\mydomain\.\DefaultRoleMapperInit.ldift>

Initializing Authorizer provider using LDIF template file C:\bea\user_projects\domains\mydomain\.\DefaultAuthorizerInit.ldift.>

The Authorizer provider has had its LDIF information loaded from: C:\bea\user_projects\domains\mydomain\.\DefaultAuthorizerInit.ldift>

Loading trusted certificates from the jks keystore file C:\bea\weblogic81\server\lib\DemoTrust.jks.>

Loading trusted certificates from the jks keystore file C:\bea\JDK142~1\jre\lib\security\cacerts.>

Loading trusted certificates from the jks keystore file C:\bea\weblogic81\server\lib\DemoTrust.jks.>

Loading trusted certificates from the jks keystore file C:\bea\JDK142~1\jre\lib\security\cacerts.>

Certificate chain received from ldapidv.merc.chicago.cme.com - 10.5.19.190 was not trusted causing SSL handshake failure.>

Server failed during initialization. Exception:weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Authentication Provider weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090294]could not get connection - with nested exception:

[java.lang.reflect.InvocationTargetException - with target exception:

[netscape.ldap.LDAPException: [Security:090477]Certificate chain received from ldapidv.merc.chicago.cme.com - 10.5.19.190 was not trusted causing SSL handshake failure. (91)]]

weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Authentication Provider weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090294]could not get connection - with nested exception:

[java.lang.reflect.InvocationTargetException - with target exception:

[netscape.ldap.LDAPException: [Security:090477]Certificate chain received from ldapidv.merc.chicago.cme.com - 10.5.19.190 was not trusted causing SSL handshake failure. (91)]]

at weblogic.security.service.PrincipalAuthenticator.initialize(PrincipalAuthenticator.java:205)

at weblogic.security.service.PrincipalAuthenticator.<init>(PrincipalAuthenticator.java:262)

at weblogic.security.service.SecurityServiceManagerDelegateImpl.doATN(SecurityServiceManagerDelegateImpl.java:581)

at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(SecurityServiceManagerDelegateImpl.java:420)

at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm(SecurityServiceManagerDelegateImpl.java:700)

at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms(SecurityServiceManagerDelegateImpl.java:733)

at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize(SecurityServiceManagerDelegateImpl.java:876)

at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:734)

at weblogic.t3.srvr.T3Srvr.initializeHere(T3Srvr.java:822)

at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:670)

at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:344)

at weblogic.Server.main(Server.java:32)

>

####<Apr 6, 2006 10:42:55 AM CDT> <Emergency> <WebLogicServer> <DXPCHI029398> <myserver> <main> <<WLS Kernel>> <> <BEA-000342> <Unable to initialize the server: weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Authentication Provider weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090294]could not get connection - with nested exception:

[java.lang.reflect.InvocationTargetException - with target exception:

[netscape.ldap.LDAPException: [Security:090477]Certificate chain received from ldapidv.merc.chicago.cme.com - 10.5.19.190 was not trusted causing SSL handshake failure. (91)]]>

ANY HELP on this would be greatly appreciated am totally exhausted seeing these error messages from morning.

thanks in advance
kiran
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: LDAP authentication in Weblogic 8.1 sp4
 
Similar Threads
i am unable to start and stop the weblogic server from eclipse 3.1.
Authentication for user weblogic denied
Authentication for user weblogic denied
Google URL Shortner API with weblogic 10.3.4
Weblogic server problem.