Download, install and configure OpenDS.
I used the following LDIF as the base while installing OpenDS.
# Base entry for the suffix
dn: dc=oracle,dc=com
dc: oracle
objectClass: domain
objectClass: top

# Organizational unit used as both the user base and the group base
dn: ou=TEST, dc=oracle,dc=com
ou: TEST
objectClass: organizationalUnit
objectClass: top

# User that WebLogic binds as (Principal) and that is later added to the Admin role
dn: cn=faisal,ou=TEST, dc=oracle,dc=com
uid: faisal
userPassword:: e1NTSEF9dnhBYUZKRzBONmwzWTdRMHBQRmdiczZrRHd5VUNwWCtCQTdlaHc9PQ==
objectClass: person
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: top
givenName: Faisal
sn: Khan
cn: faisal

# Second test user
dn: cn=testuser,ou=TEST, dc=oracle,dc=com
uid: testuser
userPassword:: e1NTSEF9YXpZckZodWpla1FjWUNqcFJDQlRUeFRjOGNPa0NtaTF1a1hqWUE9PQ==
objectClass: person
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: top
givenName: testuser
sn: testuser
cn: testuser

# Group with faisal as its only member
dn: cn=TestGroup,ou=TEST, dc=oracle,dc=com
description: TestGroup
objectClass: groupOfUniqueNames
objectClass: top
uniqueMember: cn=faisal,ou=TEST,dc=oracle,dc=com
cn: TestGroup

Create an LDAP Authenticator.
Home > Summary of Security Realms > myrealm > Providers > create a new LDAPAuthenticator.
Set the Control Flag to SUFFICIENT.
In the Provider Specific tab, provide the following details:
PORT : 1389
Principal : cn=faisal,ou=TEST, dc=oracle,dc=com
User Base DN : ou=TEST, dc=oracle,dc=com
Credentials : XXXXXXXXXXX
Group Base DN : ou=TEST, dc=oracle,dc=com
Leave the rest as default.
Now go to
Home > Summary of Security Realms > myrealm > Providers > Realm Roles
Expand Global Roles -> Expand Roles -> Click on View Role Conditions of the Admin Role -> Click on Add Conditions -> Select User in Predicate List -> Click Next -> In User Argument Name, add faisal and click Finish -> Click Save
Change the control flag of the Default Authenticator to SUFFICIENT.
Log out and log in as faisal!
config.xml
<sec:authentication-provider xsi:type="wls:ldap-authenticatorType">
  <sec:name>LDAPAuthenticator</sec:name>
  <sec:control-flag>OPTIONAL</sec:control-flag>
  <wls:propagate-cause-for-login-exception>false</wls:propagate-cause-for-login-exception>
  <wls:port>1389</wls:port>
  <wls:principal>cn=faisal,ou=TEST, dc=oracle,dc=com</wls:principal>
  <wls:user-base-dn>ou=TEST, dc=oracle,dc=com</wls:user-base-dn>
  <wls:credential-encrypted>{3DES}kbrkWhYOB2I3Y3Ss4Mt5Kw==</wls:credential-encrypted>
  <wls:group-base-dn>ou=TEST, dc=oracle,dc=com</wls:group-base-dn>
</sec:authentication-provider>
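
Why the control flags matter in the steps above, as an added example (not part of the original post and not WebLogic code): a simplified Python model of the JAAS control-flag rules, run against the users from the LDIF. The provider order, the "weblogic" user in the embedded store, and the Default Authenticator starting out as REQUIRED are assumptions.

```python
# Added illustration: simplified model of JAAS control-flag evaluation.
# Not WebLogic code. Provider order and the "weblogic" user are assumptions.

def authenticate(chain, user):
    """chain: ordered list of (provider, flag, known_users).
    Returns True when the overall login succeeds."""
    mandatory_seen = mandatory_failed = any_success = False
    for _provider, flag, known_users in chain:
        ok = user in known_users
        if flag in ("REQUIRED", "REQUISITE"):
            mandatory_seen = True
        if ok:
            any_success = True
            # A SUFFICIENT success ends the chain, unless an earlier
            # REQUIRED provider has already failed.
            if flag == "SUFFICIENT" and not mandatory_failed:
                return True
        elif flag == "REQUIRED":
            mandatory_failed = True      # keep going, but login will fail
        elif flag == "REQUISITE":
            return False                 # failure ends the chain at once
    if mandatory_seen:
        return not mandatory_failed
    # Only SUFFICIENT/OPTIONAL providers: at least one must have succeeded.
    return any_success

EMBEDDED = {"weblogic"}            # constructed: Default Authenticator store
OPENDS = {"faisal", "testuser"}    # users from the LDIF on this page

# Before changing the Default Authenticator (assumed to start as REQUIRED).
BEFORE = [("DefaultAuthenticator", "REQUIRED", EMBEDDED),
          ("LDAPAuthenticator", "SUFFICIENT", OPENDS)]
# After the steps on this page: both providers SUFFICIENT.
AFTER = [("DefaultAuthenticator", "SUFFICIENT", EMBEDDED),
         ("LDAPAuthenticator", "SUFFICIENT", OPENDS)]
# The flag shown in the config.xml excerpt: LDAP provider OPTIONAL.
AS_IN_CONFIG_XML = [("DefaultAuthenticator", "SUFFICIENT", EMBEDDED),
                    ("LDAPAuthenticator", "OPTIONAL", OPENDS)]

if __name__ == "__main__":
    for label, chain in (("before", BEFORE), ("after", AFTER),
                         ("config.xml", AS_IN_CONFIG_XML)):
        for user in ("weblogic", "faisal", "nobody"):
            print(f"{label:10} {user:8} -> {authenticate(chain, user)}")
```

With the Default Authenticator left at REQUIRED, faisal is rejected even though OpenDS accepts him, which is why the procedure changes that flag as well.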
References:
https://opends.dev.java.net/public/downloads_index.html
Hi,
Can you please let me know the steps for configuring OpenLDAP with WebLogic 10.3.3?
Hi Prakash,
You can refer to this blog.
http://blogs.oracle.com/jamesbayer/entry/using_openldap_with_weblogic_s
Thanks,
Faisal
I’m curious if you ever got this to work with SunDS and MS-AD both configured at the same time?
Hi Vince,
You can have MS-AD authenticator and SunDS configured at the same time.
We just need to create two authentication providers.
Thanks,
Faisal