basic authentication Archive

BASIC Authentication in Websphere Application Server

1 ) Secure the application resources using the descriptor (web.xml)

<!DOCTYPE web-app PUBLIC “-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN” “”>
<web-app id=”WebApp”>











2) Deploy the application on Websphere Application Server.

3)  Go to

Enterprise Applications > Test_Basic_war > Security role to user/group mapping

You will see the application role configured in the web.xml. Map the users to this role from WAS Console.

Step 4) Go to

Security> Secure administration, applications, and infrastructure  and Check Enable application security.

Restart your Server.

Step 5) Access your application, you will be prompted for authentication.


Let us know if you face any issues.



Wonders Team

BASIC Authentication with Apache

Create user.txt with the username and password separated by colon


Then use the htpasswd to encrypt the password

Apache2\bin>htpasswd.exe -b user.txt testuser testuser
Automatically using MD5 format.
Updating password for user testuser

Add the following in the httpd.conf file present in C:\Program Files\Apache Group\Apache2\bin

LoadModule weblogic_module modules/

<Location />
SetHandler weblogic-handler
WebLogicHost localhost
WebLogicPort 7001
Debug ALL
WLLogFile c:/muthu/wlproxy.log
WLTempDir c:/muthu
AuthUserFile C:/muthu/user.txt
AuthName “This is a protected area”
AuthType Basic
Require valid-user

Also copy WL_HOME\server\plugin\win\32\ to C:\Program Files\Apache Group\Apache2\modules

Restart the Apache Server.

Now if we try to access any unprotected resource on Weblogic Server, a BASIC Authentication Window will be popped up for authentication against Apache.

If authentication is successful, the request will go through provided we set the following in the config.xml


Otherwise Weblogic Server will try to validate the BASIC authentication Header.