We have a servlet which is using form based authentication. In the auth-constraint section of web.xml, we specified a number of roles which can access the servlet:
It worked fine in all web servers, but for weblogic, I have to include a weblogic.xml to map particular users into one of these roles:
<?xml version="1.0" encoding="UTF-8"?>
In this case, anyone logged in as wlUser1 can access our servlet. It works for weblogic. But imagine I add a new user to WL, I will have to add that user to the deployed weblogic.xml, which is not practical at all.
Is there a way to may any authenticated user into some roles? Is there any better ways to do it?
Has anyone done the same? The servlet I'm developing is supported on all other app/web servers. I'm only hitting this issue with weblogic. What should I use in weblogic.xml to achieve this?
Thanks in advance for helping.
you can create a group : WLGroup in weblogic security realm.
Then create users such as WLUser1, WLUser2 etc and assign to WLGroup.
Then You can use the WLGroup as the <principal-name>WLGroup </principal-name> in weblogic.xml file.
I also tried that, but getting the same results.
Can I assume that if I log in to the console, without logging off, I should have the session available and when I hit my servlet, the same credential will be used to access my servlet?
Or do I always need to create a login servlet and always login to this servlet first before hitting my servlet?