embedded ldap Archive

Connecting to WebLogic Server Embedded LDAP using an LDAP Browser

The WebLogic Server Embedded LDAP Server runs on the same port as the server. The Master LDAP Server runs on the same port as the Admin Server. Any change is first made on the Master LDAP Server and is then propagated to the Embedded LDAP Servers on the Managed Servers. If we make changes to the LDAP Server of a Managed Server, they are not reflected on the Master LDAP Server, so we should be careful with our application design when the application interacts with the Embedded LDAP Server.

In this post I'll demonstrate how to connect to the Embedded LDAP Server of WebLogic.

First we need to go to Domain > Security > Embedded LDAP and set the credential to weblogic.

Then we need to restart the WebLogic Server. This step is very important!

Then we need to open any LDAP browser and create a session (how to do this depends on the browser).

After this step we need to provide the connection values as given in the screenshot.

Save it and connect to the Embedded LDAP Server. You should see the list of users, groups, roles etc.

You can modify the entries as well, for example add or delete users or groups on the LDAP Server; however, all changes should be made on the Master LDAP Server.
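The connection made through the LDAP browser above can also be made from code. The following is an added example, not code from the original post: a read-only JNDI client that binds to the embedded LDAP server and lists the entry names under the people container. The bind DN cn=Admin, the ou=people,ou=<realm>,dc=<domain> layout, and the default names (localhost:7001, mydomain, myrealm, the WLS_LDAP_CREDENTIAL variable) are assumptions, not values taken from the post's screenshot.

```java
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

public class EmbeddedLdapList {
    public static void main(String[] args) throws NamingException {
        // Assumed placeholders: Admin Server URL, domain name and realm name.
        String url = args.length > 0 ? args[0] : "ldap://localhost:7001";
        String domain = args.length > 1 ? args[1] : "mydomain";
        String realm = args.length > 2 ? args[2] : "myrealm";
        // Credential set under Domain > Security > Embedded LDAP, read from the
        // environment (hypothetical variable name) so it is not kept in source.
        String credential = System.getenv("WLS_LDAP_CREDENTIAL");
        if (credential == null || credential.isEmpty()) {
            throw new IllegalStateException("Set WLS_LDAP_CREDENTIAL first");
        }

        // A simple bind over ldap:// is not encrypted on the wire.
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, "cn=Admin"); // assumed bind DN
        env.put(Context.SECURITY_CREDENTIALS, credential);

        DirContext ctx = new InitialDirContext(env);
        try {
            SearchControls sc = new SearchControls();
            sc.setSearchScope(SearchControls.ONELEVEL_SCOPE);
            // Request no attributes: only the entry names come back.
            sc.setReturningAttributes(new String[0]);
            String base = "ou=people,ou=" + realm + ",dc=" + domain;
            NamingEnumeration<SearchResult> results = ctx.search(base, "(objectClass=*)", sc);
            while (results.hasMore()) {
                System.out.println(results.next().getNameInNamespace());
            }
        } finally {
            ctx.close(); // always release the LDAP connection
        }
    }
}
```

Pointing the URL at the Admin Server reads from the Master LDAP Server, which is where the post says changes should be made.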

Let me know if you have any queries.

Creating Users in WebLogic Server Embedded LDAP Programmatically

I have received many requests from clients for a code snippet to create users programmatically. Below is sample code with which we can create users in the Embedded LDAP of WebLogic Server. Put simply, this program creates an MBean Server connection, traverses to the relevant MBean and invokes the right method to create the user.

Details can be found at this link.
http://download.oracle.com/docs/cd/E13222_01/wls/docs90/jmx/accessWLS.html
Use the following code in a JSP, add the necessary imports and access the JSP page.

The user testuser will be created in the embedded LDAP with the password set to password.

<%@ page import="java.util.Hashtable, javax.naming.Context, javax.naming.InitialContext, javax.management.MBeanServer, javax.management.ObjectName, javax.management.modelmbean.ModelMBeanInfo" %>
<%
// JNDI environment for the server connection (sample host and credentials used in this post).
Hashtable<String, String> env = new Hashtable<String, String>();
env.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
env.put(Context.SECURITY_PRINCIPAL, "weblogic");
env.put(Context.SECURITY_CREDENTIALS, "weblogic");
env.put(Context.PROVIDER_URL, "t3://10.10.71.52:7001");
InitialContext ctx = new InitialContext(env);

// Look up the Runtime MBean Server.
MBeanServer wls = (MBeanServer) ctx.lookup("java:comp/env/jmx/runtime");
ObjectName userEditor = null;
ObjectName MBTservice = new ObjectName("com.bea:Name=MBeanTypeService,"
        + "Type=weblogic.management.mbeanservers.MBeanTypeService");
ObjectName rs = new ObjectName("com.bea:Name=RuntimeService,"
        + "Type=weblogic.management.mbeanservers.runtime.RuntimeServiceMBean");

// Traverse Domain > SecurityConfiguration > DefaultRealm > AuthenticationProviders.
ObjectName domainMBean = (ObjectName) wls.getAttribute(rs, "DomainConfiguration");
ObjectName securityConfig = (ObjectName) wls.getAttribute(domainMBean, "SecurityConfiguration");
ObjectName defaultRealm = (ObjectName) wls.getAttribute(securityConfig, "DefaultRealm");
ObjectName[] atnProviders = (ObjectName[]) wls.getAttribute(defaultRealm, "AuthenticationProviders");

// Pick the first authentication provider that implements UserEditorMBean.
for (ObjectName providerName : atnProviders) {
    if (userEditor == null) {
        ModelMBeanInfo info = (ModelMBeanInfo) wls.getMBeanInfo(providerName);
        String className = (String) info.getMBeanDescriptor().getFieldValue("interfaceClassName");
        if (className != null) {
            String[] mba = (String[]) wls.invoke(MBTservice, "getSubtypes",
                    new Object[] { "weblogic.management.security.authentication.UserEditorMBean" },
                    new String[] { "java.lang.String" });

            for (String mb : mba) {
                if (className.equals(mb)) userEditor = providerName;
            }
        }
    }
}

if (userEditor == null) throw new RuntimeException("Could not retrieve user editor");

try {
    // createUser(userName, password, description)
    out.println("Creating User : testuser");
    wls.invoke(userEditor, "createUser",
            new Object[] { "testuser", "password", "test user" },
            new String[] { "java.lang.String", "java.lang.String", "java.lang.String" });
    out.println("Created User : testuser");
} catch (Exception e) {
    e.printStackTrace();
}
ctx.close();
%>