Skip to Main Content
Forums

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

How to get the username/password of the current owner of the running code

680524Oct 9 2011 — edited Oct 10 2011
Dear friends,

Our product is running on the App Server(weblogic/websphere...) and we also use security provider(OpenLDAP) and kerberos to support SSO. Before, when a user tyies to login in the first time, the way we use to authenticate the user is:
1) Accept the username/password
2) Query the security provider(OpenLDAP) to get the principles.
3) verity if the username/password is corrent or not.

As we know, to query the principles, we need to provide a search user(both username and password) if we configured the access control of the ldap server:
I have configured my envirioment as follows
1) In the LDAP server, configured the Middle Tire user(The Operating System user running the App Server) to have the permission to query principles.
2) The server is configured to runing on SSO envirioment.

My question is could I get the username/password of the OS user running the App Server at runtime so that I can query the ldap server without explicitly providing the search user?

Thanks,
RR

Edited by: Ricky Ru on Oct 9, 2011 1:50 AM

Comments

Processing
Locked Post
New comments cannot be posted to this locked post.

Post Details

Locked on Nov 7 2011
Added on Oct 9 2011
#kerberos-java-gss-jgss
4 comments
3,133 views