8 Replies Latest reply: Jul 31, 2012 12:37 AM by 998899-Oracle RSS

    login user using Weblogic security

    Rao
      Hi I am new in ADF and want to apply security on my application using web logic authentication
      I am able to create security realm and authentication provider on web logic server and I also succeed to create users by using mbean interface in my application
      I am pasting a code that is doing my work
      package sql.view.backing;

      import java.io.IOException;
      import java.io.Serializable;

      import java.util.Hashtable;

      import javax.management.Descriptor;
      import javax.management.MBeanServerConnection;
      import javax.management.ObjectName;
      import javax.management.modelmbean.ModelMBeanInfo;
      import javax.management.remote.JMXConnector;
      import javax.management.remote.JMXConnectorFactory;
      import javax.management.remote.JMXServiceURL;

      import javax.naming.Context;


      public class SQLAuthenticatorAdapter implements Serializable {
      private static final String MBEAN_INTERFACE = "weblogic.security.providers.authentication.SQLAuthenticatorMBean";
      private MBeanServerConnection connection;
      private JMXConnector connector;
      private ObjectName providerON;


      public void createUser(String username, String password,
      String description) throws Exception {
      System.out.println("create user initiate");
      connection.invoke(providerON, "createUser",
      new Object[] { username, password, description },
      new String[] { "java.lang.String",
      "java.lang.String",
      "java.lang.String" });
      }

      public void createGroup(String groupName, String description) throws Exception {
      connection.invoke(providerON, "createGroup",
      new Object[] { groupName, description },
      new String[] { "java.lang.String",
      "java.lang.String" });
      }

      public void addMemberToGroup(String groupName, String username)throws Exception{
      connection.invoke(providerON, "addMemberToGroup",
      new Object[] { groupName, username },
      new String[] { "java.lang.String", "java.lang.String" });
      }

      public void changeUserPassword(String username, String oldPassword,
      String newPassword) throws Exception {
      connection.invoke(providerON, "changeUserPassword",
      new Object[] { username, oldPassword, newPassword },
      new String[] { "java.lang.String",
      "java.lang.String",
      "java.lang.String" });
      }

      public boolean isMember(String parentGroupName, String memberUserOrGroupName, boolean recursive)throws Exception{
      return (Boolean) connection.invoke(providerON, "isMember",
      new Object[] { parentGroupName, memberUserOrGroupName, recursive },
      new String []{"java.lang.String", "java.lang.String", "java.lang.Boolean"});
      }

      private ObjectName getAuthenticationProviderObjectName(String type)throws Exception{

      ObjectName defaultRealm = getDefaultRealm();
      ObjectName[] atnProviders =
      (ObjectName[])connection.getAttribute(defaultRealm,
      "AuthenticationProviders");
      ObjectName MBTservice =
      new ObjectName("com.bea:Name=MBeanTypeService,Type=weblogic.management.mbeanservers.MBeanTypeService");
      for (int p = 0; atnProviders != null && p < atnProviders.length;
      p++) {
      ObjectName provider = atnProviders[p];
      ModelMBeanInfo info =
      (ModelMBeanInfo)connection.getMBeanInfo(provider);
      Descriptor desc = info.getMBeanDescriptor();
      String className =
      (String)desc.getFieldValue("interfaceClassName");
      String[] mba =
      (String[])connection.invoke(MBTservice, "getSubtypes",
      new Object[] { type },
      new String[] { "java.lang.String" });
      for (int i = 0; i < mba.length; i++) {
      if (mba.equals(className)) {
      return provider;
      }
      }
      }
      return null;
      }
      private ObjectName getDefaultRealm() throws Exception {
      ObjectName service =
      new ObjectName("com.bea:Name=DomainRuntimeService,Type=weblogic.management.mbeanservers.domainruntime.DomainRuntimeServiceMBean");
      ObjectName domainMBean =
      (ObjectName)connection.getAttribute(service, "DomainConfiguration");
      ObjectName securityConfiguration =
      (ObjectName)connection.getAttribute(domainMBean,
      "SecurityConfiguration");
      ObjectName defaultRealm =
      (ObjectName)connection.getAttribute(securityConfiguration,
      "DefaultRealm");
      return defaultRealm;
      }
      public void connect(){
      String hostname = "localhost";
      String username = "weblogic";
      String password = "naeem@qasim";
      int port = 7101;
      System.out.println("connection initiate");
      connect(hostname, username, password, port);
      System.out.println("connected");
      }

      public void connect(String hostname, String username, String password, int port){
      try {      
      String protocol = "t3";
      String jndi =
      "/jndi/weblogic.management.mbeanservers.domainruntime";
      JMXServiceURL serviceURL =
      new JMXServiceURL(protocol, hostname, port, jndi);
      Hashtable env = new Hashtable();
      env.put(Context.SECURITY_PRINCIPAL, username);
      env.put(Context.SECURITY_CREDENTIALS, password);
      env.put(JMXConnectorFactory.PROTOCOL_PROVIDER_PACKAGES,
      "weblogic.management.remote");
      env.put("jmx.remote.x.request.waiting.timeout", new Long(10000));
      connector = JMXConnectorFactory.connect(serviceURL, env);
      connection = connector.getMBeanServerConnection();
      providerON = getAuthenticationProviderObjectName(MBEAN_INTERFACE);
      } catch (Exception ex) {
      throw new RuntimeException(ex);
      }
      }
      public void close(){
      try {
      connector.close();
      } catch (IOException ioe) {
      throw new RuntimeException(ioe);
      }
      }
      }
      ///////////////////////
      I have a custom client class that access these functions and this class create my user
      But now I want to authenticate my user so that i can apply security on my application
      but i dont know which method will do my work please till me is their any method that will take user name and password and give me message either user is valid or not and if user is valid it will create security for me
        • 1. Re: login user using Weblogic security
          Shay Shmeltzer-Oracle
          Did you configure your ADF application to use ADF Security?
          See details here:
          Seminar:
          http://download.oracle.com/otn_hosted_doc/jdeveloper/11gdemos/AdfSecurity/AdfSecurity.html
          Tutorial:
          http://docs.oracle.com/cd/E18941_01/tutorials/jdtut_11r2_29/jdtut_11r2_29.html
          • 2. Re: login user using Weblogic security
            Rao
            I have configured my application for security but I dont know how to use weblogic security realm instead of jazon.xml
            the links you send me are about to configure security using jazon.xml file but I dont need this file I want to user weblogic security realm to authenticate user
            please give me some example tuturial about this security
            • 3. Re: login user using Weblogic security
              Shay Shmeltzer-Oracle
              http://docs.oracle.com/cd/E16162_01/web.1112/e16182/adding_security.htm#BGBICFCA
              • 4. Re: login user using Weblogic security
                Rao
                thanks for your reply I successfully configured security on weblogic but when ever I try to login weblogic authenticate the user and redirect on the welcome page but with an exception like
                <JpsIdentityManagementProvider> <getIdmUserList> WARN_NO_USERS_PATTERN
                oracle.security.idm.ObjectNotFoundException: No User found matching the criteria
                     at oracle.security.idm.providers.stdldap.util.DirectSearchResponse.initSearch(DirectSearchResponse.java:174)
                     at oracle.security.idm.providers.stdldap.util.NonPagedSearchResponse.<init>(NonPagedSearchResponse.java:52)
                     at oracle.security.idm.providers.stdldap.util.NonPagedSearchResponse.<init>(NonPagedSearchResponse.java:43)
                     at oracle.security.idm.providers.stdldap.util.LDAPRealm.searchUsers(LDAPRealm.java:489)
                     at oracle.security.idm.providers.stdldap.LDIdentityStore.search(LDIdentityStore.java:274)
                     at oracle.security.idm.providers.stdldap.LDIdentityStore.searchUsers(LDIdentityStore.java:367)
                     at oracle.adf.share.security.providers.jps.JpsIdentityManagementProvider.getIdmUserList(JpsIdentityManagementProvider.java:505)
                     at oracle.adf.share.security.providers.jps.JpsIdentityManagementProvider.getUserProfileList(JpsIdentityManagementProvider.java:386)
                     at oracle.adf.share.security.identitymanagement.UserManager.getUserProfileList(UserManager.java:314)
                     at oracle.adf.share.security.identitymanagement.UserProfile.initialize(UserProfile.java:91)
                     at oracle.adf.share.security.identitymanagement.UserProfile.<init>(UserProfile.java:81)
                     at oracle.adf.share.security.providers.jps.JpsSecurityContext.getUserProfile(JpsSecurityContext.java:115)
                     at oracle.adf.share.ADFContext.getEnterpriseId(ADFContext.java:850)
                     at oracle.adfinternal.controller.util.LogUtils.getApplicationName(LogUtils.java:392)
                     at oracle.adfinternal.controller.util.LogUtils.gotApplicationName(LogUtils.java:384)
                     at oracle.adfinternal.controller.util.LogUtils.getTimer(LogUtils.java:161)
                     at oracle.adfinternal.controller.util.LogUtils.getTimer(LogUtils.java:209)
                     at oracle.adfinternal.controller.metadata.MetadataServiceImpl.initializePageFlow(MetadataServiceImpl.java:374)
                     at oracle.adfinternal.controller.metadata.MetadataServiceImpl.getPerUserCache(MetadataServiceImpl.java:355)
                     at oracle.adfinternal.controller.metadata.MetadataServiceImpl.getPerUserCache(MetadataServiceImpl.java:324)
                     at oracle.adfinternal.controller.metadata.MetadataServiceImpl.getAdfPageFlow(MetadataServiceImpl.java:180)
                     at oracle.adfinternal.controller.metadata.MetadataServiceImpl.getPageFlow(MetadataServiceImpl.java:434)
                     at oracle.adfinternal.controller.metadata.MetadataServiceImpl.getActivity(MetadataServiceImpl.java:169)
                     at oracle.adfinternal.controller.state.ViewPortContextImpl.getPhysicalURI(ViewPortContextImpl.java:1097)
                     at oracle.adfinternal.controller.application.AdfcPageResolver.getPhysicalURI(AdfcPageResolver.java:75)
                     at oracle.adf.controller.faces.lifecycle.Utils.getPagePathFromViewId(Utils.java:44)
                     at oracle.adfinternal.controller.application.model.UpdateBindingListener.setBindingELVariable(UpdateBindingListener.java:108)
                     at oracle.adfinternal.controller.application.model.UpdateBindingListener.beforePhase(UpdateBindingListener.java:61)
                     at oracle.adfinternal.controller.lifecycle.ADFLifecycleImpl$PagePhaseListenerWrapper.beforePhase(ADFLifecycleImpl.java:550)
                     at oracle.adfinternal.controller.lifecycle.LifecycleImpl.internalDispatchBeforeEvent(LifecycleImpl.java:100)
                     at oracle.adfinternal.controller.lifecycle.LifecycleImpl.dispatchBeforePagePhaseEvent(LifecycleImpl.java:147)
                     at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener$PhaseInvokerImpl.dispatchBeforePagePhaseEvent(ADFPhaseListener.java:119)
                     at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener.beforePhase(ADFPhaseListener.java:63)
                     at oracle.adfinternal.controller.faces.lifecycle.ADFLifecyclePhaseListener.beforePhase(ADFLifecyclePhaseListener.java:44)
                     at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:319)
                     at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:204)
                     at javax.faces.webapp.FacesServlet.service(FacesServlet.java:312)
                     at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
                     at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
                     at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
                     at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
                     at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
                     at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:173)
                     at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
                     at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:121)
                     at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
                     at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
                     at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
                     at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:293)
                     at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:199)
                     at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
                     at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
                     at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
                     at java.security.AccessController.doPrivileged(Native Method)
                     at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
                     at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
                     at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
                     at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
                     at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
                     at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
                     at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
                     at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
                     at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
                     at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
                     at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
                     at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
                     at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
                     at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
                     at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
                     at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
                     at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
                     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
                     at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)

                ////////////////////////////////////////////////

                what is this and why this exception occur
                • 5. Re: login user using Weblogic security
                  Rao
                  first configure datasource then create jazn security this will autumatically login from weblogic
                  • 6. Re: login user using Weblogic security
                    998899-Oracle
                    Hi Rao,

                    May i know how you solved the error? I am getting the same error when using sql authenticator.


                    Thanks,
                    Rakesh
                    • 7. Re: login user using Weblogic security
                      Bhargav
                      Did you guys pass through the message " WARN_NO_USERS_PATTERN oracle.security.idm.ObjectNotFoundException: No User found matching the criteria" ?
                      I'm facing this issue with external users.

                      Thanks,
                      Bhargav.
                      • 8. Re: login user using Weblogic security
                        998899-Oracle
                        Hi,

                        This exception is basically thrown when the user is not in the default authenticator ...

                        But i am still having the same warning being shown

                        _Rakesh