0 Replies Latest reply: Dec 10, 2012 10:27 AM by 979018 RSS

    Weblogic server BASIC Authentication not prompting for username

      I created a very simple Weblogic 10.3.5 web application with BASIC Authentication that for some reason doesn't prompt for the username and password. I believe the web.xml and weblogic.xml are created properly. The entire application is below.

      It consists of two files:

      index.html -- that anyone should be able to load
      remoteuser.jsp -- that only people in 'group' should be able to load

      I added an <auth-constraint> for all JSPs (*.jsp), such that only users in 'group' should be able to load them. However, when I load the url "/remoteuser.jsp", it displays "The remote user is null", and doesn't prompt for a username and password. The causes the JSP to also print out null instead of the remote user's name.

      The <auth-method> is, of course, set to BASIC.

      I currently don't even have any groups defined in Weblogic's Security Realm, because I want to watch it fail first.

      According to this Weblogic documentation (http://docs.oracle.com/cd/E15051_01/wls/docs103/security/thin_client.html#wp1037337), I believe that I'm doing everything correctly.

      Do I have to modify the Weblogic Security Realm's Authentication Provider? Or some other setting?

      I know that I'm doing something silly, but can't see it. Please help!











      <%@ page language="java" contentType="text/html; charset=ISO-8859-1"
      <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
      <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
      <title>Remote User</title>
      Only users in "group" should be able to load this page.
      The remote user is <%= request.getRemoteUser() %>

      <head><title>WebLogic Test</title></head>

      Everyone should be able to see this.