Weblogic server contains CC&B application. It is ouaf (Oracle Utilities Application Framework) based product.
Authetication for this application is done using Weblogic server and Authorization is done in application.
For authorization to be done it requires the users along with thiers roles.
We are implementing the perimeter authorization.
For this we done the following:
1. Installed the siteminder web agent in weblogic server.
7. Created the same user names,passwords,user groups in User store(LDAP), weblogic server and CC&B application.
Now after configuring all,
When the application is accessed through proxy. It challenging the credentials to be given for authentication.
After entering username and passwords authentication is being done with SiteMinder authentication.
Then In order to do get authorization process done it requires Usergroup(role) of the user.
The problem here is:
If we have a user in Weblogic server but not in LDAP then when credentials are given it goes to default authentication provider and succeeded
and authorization is also done and Applications(CC&B) Home page is landing.
But as we create the same user in LDAP also (for implementing SSO), when credentials are given it goes to SiteMinder authentication provider and succeeded
But the authorization is not succeeded.
Here in this case we are assuming that,
Since the authentication is done through SiteMinder authentication provider, CC&B is not able to take the details(Username,Role and password) from the token and hence unable to through the Authorization