List Users and Groups in Weblogic using JMX

There are times when an Application Needs to interact with the Weblogic Server Embedded LDAP Server and Add/Modify/List users or groups. Weblogic Server provides UserReaderMBean, UserRemoverMBean, GroupReaderMBean, GroupRemoverMBean for this purpose.

Below you will find a sample to list users and groups present in the Embedded Ldap Server. This program will give you an idea which you can further develop on.

import javax.naming.*;
import javax.management.MBeanInfo;
import weblogic.jndi.Environment;
import weblogic.management.runtime.ServerRuntimeMBean;
import weblogic.security.providers.authentication.DefaultAuthenticatorMBean;
import weblogic.management.security.authentication.UserReaderMBean;
import weblogic.management.security.authentication.GroupReaderMBean;
import weblogic.management.MBeanHome;
import weblogic.management.WebLogicMBean;
import weblogic.management.tools.Info;
import weblogic.management.Helper;
import weblogic.management.security.authentication.*;

public class ListUsersAndGroups
{
public static void main(String[] args)
{

MBeanHome home = null;
try
{

Environment env = new Environment();
env.setProviderUrl(“t3://localhost:7001?);
env.setSecurityPrincipal(“weblogic”);
env.setSecurityCredentials(“weblogic”);
Context ctx = env.getInitialContext();

home = (MBeanHome)ctx.lookup(“weblogic.management.adminhome”);

weblogic.management.security.RealmMBean rmBean = home.getActiveDomain().getSecurityConfiguration().getDefaultRealm();

AuthenticationProviderMBean[] authenticationBeans = rmBean.getAuthenticationProviders();
DefaultAuthenticatorMBean defaultAuthenticationMBean = (DefaultAuthenticatorMBean)authenticationBeans[0];
UserReaderMBean userReaderMBean = (UserReaderMBean)defaultAuthenticationMBean;
GroupReaderMBean groupReaderMBean = (GroupReaderMBean)defaultAuthenticationMBean;

String userCurName = userReaderMBean.listUsers(“*”, 100);

while (userReaderMBean.haveCurrent(userCurName) )
{
String user = userReaderMBean.getCurrentName(userCurName);
System.out.println(“n User: ” + user);
userReaderMBean.advance(userCurName);
}

String cursorName = groupReaderMBean.listGroups(“*”, 100);
while (groupReaderMBean.haveCurrent(cursorName) )
{

String group = groupReaderMBean.getCurrentName(cursorName);
System.out.println(“n Group: ” + group);
groupReaderMBean.advance(cursorName);
}

}
catch (Exception e)
{
e.printStackTrace();
}
}
}

8 comments

  1. I want to retrieve list of users (plain text) added to particular group in Security Realms (OPEN/NIS LDAP).

    Please lemme know.

    Thanks
    RC2.

  2. Hi,
    I want to know if there is a way to be able to decrypt the passwords from the DefaultAuthenticator.dat file . i have a need to setup all those logins in a new db.

    any inputs are appreciated.

    Cheers,
    Kishi

    1. Hi Nasir,

      You can get only those attributes which are exposed in the API.

      Thanks,
      Faisal

Comments are closed.