0 Replies Latest reply on Feb 5, 2016 5:57 PM by Dietmar Aust

    How the delegation of authentication work technically?

    Dietmar Aust

      Hi guys,


      I was wondering how the integration with the user management of Weblogic and Glassfish or others actually work. How to use it is described here: https://docs.oracle.com/cd/E56351_01/doc.30/e56293/develop.htm#AELIG90056


      Thus we can register users in the Application Server or create them locally using (java -jar ords.war user ...) which is only recommended for development / test environments.


      So, when I access a secured resource I will be prompted for a username/password. If I use user credentials which I registered in Glassfish ... I can successfully log in. If there is no matching user it will pick up the credentials from the local "credentials" file. The point is that in the instructions ( https://docs.oracle.com/cd/E56351_01/doc.30/e56293/develop.htm#AELIG90056) we just create a new user. But where is the connection between the user and the J2EE application ords.war? We didn't apply any security realm to ords.war.


      Anybody knows what is happening behind the scenes?