Forum Stats

  • 3,853,257 Users
  • 2,264,198 Discussions


Authenticate users using Active directory in adf

Mohammed Jahangir
Mohammed Jahangir Member Posts: 120 Blue Ribbon

hello Everyone,

I am new to adf, my requirement is to create an ADF application and authenticate users by Active directory/ windows login credentials. Could you please guide me how to achieve my requirement.

waiting for your response.




  • Timo Hahn
    Timo Hahn Senior Principal Technical Consultant - Oracle ACE Director Member, Moderator Posts: 38,741 Red Diamond

    User, tell us your exact JDev version, please!

    To authenticate users, you use an authentication provider on your Server (WeblogicServer). This isn't a problem of ADF. ADF security wraps authentication and authorization using some simple API. You don't have to do anything in your app but to enable security.

    Look at this older post that points you to the solution.

    Tim Hall prodided an WSLT script to configure AD in WLS at


  • Mohammed Jahangir
    Mohammed Jahangir Member Posts: 120 Blue Ribbon
    edited Sep 13, 2022 7:10AM

    Thanks Timo,

    I am using Jdeveloper version -,

    1. My requirement is in my application I have login form, I have to authenticate users from Active directory.
    2. How can I know that user is authenticated and get his user name in login bean.
    3. Once user is authenticated, I need to check whether user has privileges to access application.
    4. what changes I have to make in my adf application

    Kindly guide me.

    I will go thorough the blogs, hopefully my requirement will be fulfilled. If there is anything then I will get back to discussion.


  • dvohra21
    dvohra21 Member Posts: 14,670 Gold Crown

    Is auto-login used? The auto login functionality is based on Active Directory domain credentials using Microsoft Kerberos over SPNEGO protocol. 

     Kerberos is a network authentication protocol that provides authentication for client and server applications and supports the concept of Single Sign-On (SSO). If you are already logged in to a system that is part of a domain, you can access network services throughout a Kerberos realm without authenticating again. For HTTP, Kerberos support is provided by SPNEGO authentication mechanism. All the browsers support SPNEGO-based authentication. For auto login to work, you must configure browsers to enable the SPNEGO support.

    Please refer "How To Configure Browser-based SSO with Kerberos/SPNEGO"