Monthly Archive: December 2009

Create Active Directory Authentication Provider from WLST

connect(‘weblogic’,’weblogic’,’t3://localhost:7001′)
edit()
startEdit(-1,-1,’false’)
cmo.getSecurityConfiguration().getDefaultRealm().createAuthenticationProvider(‘ADAuthenticator’, ‘weblogic.security.providers.authentication.ActiveDirectoryAuthenticator’)
cmo.getSecurityConfiguration().getDefaultRealm().lookupAuthenticationProvider(‘ADAuthenticator’).setControlFlag(‘OPTIONAL’)
cd(‘/SecurityConfiguration’)
cd(‘base_domain’)
cd(‘Realms/myrealm/AuthenticationProviders’)
cd(‘ADAuthenticator’)
cmo.setGroupBaseDN(‘CN=Users,DC=faisal,DC=bea,DC=com’)
cmo.setUserBaseDN(‘CN=Users,DC=faisal,DC=bea,DC=com’)
cmo.setAllGroupsFilter(‘(objectclass=group)’)
cmo.setPrincipal(‘CN=Administrator,CN=Users,DC=faisal,DC=bea,DC=com’)
cmo.setCredential(‘Passw0rd’)
cmo.setPort(389)
cmo.setHost(‘localhost’)
save()
activate()

BASIC Authentication with Apache

Create user.txt with the username and password separated by colon

user.txt
testuser:testuser

Then use the htpasswd to encrypt the password

Apache2\bin>htpasswd.exe -b user.txt testuser testuser
Automatically using MD5 format.
Updating password for user testuser

Add the following in the httpd.conf file present in C:\Program Files\Apache Group\Apache2\bin

LoadModule weblogic_module modules/mod_wl128_20.so

<Location />
SetHandler weblogic-handler
WebLogicHost localhost
WebLogicPort 7001
Debug ALL
WLLogFile c:/muthu/wlproxy.log
WLTempDir c:/muthu
AuthUserFile C:/muthu/user.txt
AuthName “This is a protected area”
AuthType Basic
Require valid-user
</Location>

Also copy WL_HOME\server\plugin\win\32\mod_wl_22.so to C:\Program Files\Apache Group\Apache2\modules

Restart the Apache Server.

Now if we try to access any unprotected resource on Weblogic Server, a BASIC Authentication Window will be popped up for authentication against Apache.

If authentication is successful, the request will go through provided we set the following in the config.xml

<enforce-valid-basic-auth-credentials>false</enforce-valid-basic-auth-credentials>

Otherwise Weblogic Server will try to validate the BASIC authentication Header.

Updating invalidation-interval-secs Using Plan.xml

This article describes the usage of plan.xml to update deploment descriptors on the fly.
In this example we will update the value of invalidation-interval-secs from 90 seconds to 30 seconds using plan.xml.

invalidation-interval-secs

Sets the time, in seconds, that WebLogic Server waits between doing house-cleaning checks for timed-out and invalid sessions, and deleting the old sessions and freeing up memory. Use this element to tune WebLogic Server for best performance on high traffic sites.
The default value is 60 seconds.

Our weblogic.xml looks like this

<?xml version=”1.0″ encoding=”ISO-8859-1″?>

<weblogic-web-app xmlns=”http://www.bea.com/ns/weblogic/90″>

<security-role-assignment>
<role-name>admin</role-name>
<principal-name>weblogic</principal-name>
</security-role-assignment>

<session-descriptor>
<invalidation-interval-secs>90</invalidation-interval-secs>
</session-descriptor >

</weblogic-web-app>

And our plan.xml looks this this

<?xml version=’1.0′ encoding=’UTF-8′?>
<deployment-plan xmlns=”http://www.bea.com/ns/weblogic/90″ xmlns:xsi=”http://www.w3.org/2001/XMLSchema-instance” xsi:schemaLocation=”http://www.bea.com/ns/weblogic/90 http://www.bea.com/ns/weblogic/90/weblogic-deployment-plan.xsd” global-variables=”false”>

<application-name>SessionApp</application-name> <!– You need to change this Line and Put your Web Application Name –>
<variable-definition>
<variable>
<name>SessionInvalidationInt</name>
<value>30</value>
</variable>
</variable-definition>

<module-override>
<module-name>SessionApp</module-name> <!– You need to change this Line and Put your Web Application Name –>
<module-type>war</module-type>
<module-descriptor external=”true”>
<root-element>web-app</root-element>
<uri>WEB-INF/web.xml</uri>
<variable-assignment>
<name>SessionInvalidationInt</name>
<xpath>/web-app/session-descriptor/invalidation-interval-secs</xpath>
</variable-assignment>
</module-descriptor>
</module-override>
<config-root>D:\Replications</config-root> <!– You need to change this Line and Put the location of plan.xml file wherever u have pasted it –>
</deployment-plan>

These are the steps that we need to folow to update our application.

References:-

http://download.oracle.com/docs/cd/E11035_01/wls100/webapp/weblogic_xml.html