Here I am going to demonstrate how to configure the SQL authenticator on WebLogic Server and view users and groups. I am using sample tables here. You can configure your own tables.
Database setup (sample)
- Create some database tables to be used for the SQL authenticator. SQL*Plus can be used. Use the following script to create the default schema used by WLS:
CREATE TABLE USERS (
U_NAME VARCHAR(200) NOT NULL,
U_PASSWORD VARCHAR(50) NOT NULL,
U_DESCRIPTION VARCHAR(1000))
;
ALTER TABLE USERS
ADD CONSTRAINT PK_USERS
PRIMARY KEY (U_NAME)
;
CREATE TABLE GROUPS (
G_NAME VARCHAR(200) NOT NULL,
G_DESCRIPTION VARCHAR(1000) NULL)
;
ALTER TABLE GROUPS
ADD CONSTRAINT PK_GROUPS
PRIMARY KEY (G_NAME)
;
CREATE TABLE GROUPMEMBERS (
G_NAME VARCHAR(200) NOT NULL,
G_MEMBER VARCHAR(200) NOT NULL)
;
ALTER TABLE GROUPMEMBERS
ADD CONSTRAINT PK_GROUPMEMS
PRIMARY KEY (
G_NAME,
G_MEMBER
)
;
ALTER TABLE GROUPMEMBERS
ADD CONSTRAINT FK1_GROUPMEMBERS
FOREIGN KEY ( G_NAME )
REFERENCES GROUPS (G_NAME)
ON DELETE CASCADE
;
- Populate the database using this script:
insert into USERS (U_NAME,U_PASSWORD,U_DESCRIPTION) values('system','weblogic','admin user');
insert into GROUPS (G_NAME,G_DESCRIPTION) values('Administrators','Administrators');
insert into GROUPMEMBERS (G_NAME,G_MEMBER) values('Administrators','system');
WebLogic server configuration
- Create a data source with the information of the database previously configured.
- Database type: Oracle
- Driver: Oracle's Driver (thin) for instance connections; Versions: 9.0.1,9.2.0,10,11
- Target: AdminServer/SOA Server
- Create a SQLAuthenticator:
Go to Security Realms.
Select myrealm > Providers.
Click on New.
Provide a name for the new provider (e.g. MySQLlProvider).
Set SQLAuthenticator as provider type.
Click on OK and the new provider should appear on the list of available providers.
Click on the new provider.
Change control flag to SUFFICIENT.
Go to Provider Specific.
Specify the Data Source Name. Use the information of the data source previously created.
Select the Password Style as Plaintext.
Leave the rest as default.
Click on Save.
Set the control flag to SUFFICIENT for all the authenticators (DefaultAuthenticator) in the list.
Reorder the Authentication Providers.
As non-dynamic changes were done, WebLogic Server needs to be restarted.
Testing the SQLAuthenticator
- Log into the Administration Console.
- Validate that users from the database were retrieved. Go to Security Realms -> myrealm -> Users and Groups and check that users of the provider sqlProvider were loaded.
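A database-side counterpart to the console check above, as an added example that is not part of the original post: it loads the post's tables into in-memory SQLite (standing in for Oracle) and lists which accounts end up in a group such as Administrators once nested groups are followed, plus membership rows that match no user or group. The rows for alice, Operators and ghost are constructed, the function names are hypothetical, and treating G_MEMBER as either a user or a group is an assumption.

```python
import sqlite3

# Tables and seed rows from the post, in in-memory SQLite as a stand-in for
# the Oracle schema (assumption: this check needs only portable SQL).
SCHEMA = """
CREATE TABLE USERS (U_NAME VARCHAR(200) NOT NULL PRIMARY KEY,
  U_PASSWORD VARCHAR(50) NOT NULL, U_DESCRIPTION VARCHAR(1000));
CREATE TABLE GROUPS (G_NAME VARCHAR(200) NOT NULL PRIMARY KEY,
  G_DESCRIPTION VARCHAR(1000));
CREATE TABLE GROUPMEMBERS (
  G_NAME VARCHAR(200) NOT NULL REFERENCES GROUPS (G_NAME) ON DELETE CASCADE,
  G_MEMBER VARCHAR(200) NOT NULL, PRIMARY KEY (G_NAME, G_MEMBER));
INSERT INTO USERS VALUES ('system', 'weblogic', 'admin user');
INSERT INTO GROUPS VALUES ('Administrators', 'Administrators');
INSERT INTO GROUPMEMBERS VALUES ('Administrators', 'system');
-- Constructed rows (not from the post): a nested group and a dangling member.
INSERT INTO USERS VALUES ('alice', 'alice', 'constructed user');
INSERT INTO GROUPS VALUES ('Operators', 'constructed group');
INSERT INTO GROUPMEMBERS VALUES ('Administrators', 'Operators');
INSERT INTO GROUPMEMBERS VALUES ('Operators', 'alice');
INSERT INTO GROUPMEMBERS VALUES ('Operators', 'ghost');
"""

def load_sample():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def effective_users(db, group):
    """Users in `group`, following groups nested as members (UNION ends cycles)."""
    rows = db.execute("""
        WITH RECURSIVE m(name) AS (
          SELECT G_MEMBER FROM GROUPMEMBERS WHERE G_NAME = ?
          UNION
          SELECT gm.G_MEMBER FROM GROUPMEMBERS gm JOIN m ON gm.G_NAME = m.name)
        SELECT name FROM m WHERE name IN (SELECT U_NAME FROM USERS) ORDER BY name
        """, (group,))
    return [r[0] for r in rows]

def dangling_members(db):
    """Membership rows matching no user or group (G_MEMBER has no foreign key)."""
    return db.execute("""
        SELECT G_NAME, G_MEMBER FROM GROUPMEMBERS
        WHERE G_MEMBER NOT IN (SELECT U_NAME FROM USERS)
          AND G_MEMBER NOT IN (SELECT G_NAME FROM GROUPS)
        ORDER BY G_NAME, G_MEMBER""").fetchall()

if __name__ == "__main__":
    db = load_sample()
    print(effective_users(db, "Administrators"), dangling_members(db))
```

Against the real schema, the two queries can be run as they are from any SQL client connected to the data source's database.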
In the next blog, I will demonstrate how to integrate Human Task and Worklist app with the SQL authenticator.
Thanks for this. I really like what you've posted here and wish you the best of luck with this blog and thanks for sharing.