<a name="compatibility_mode"></a>Compatibility Security

Use this tab to configure a WebLogic Authentication provider for a security realm.

Authentication is the process whereby the identity of users or system processes are proved or verified. Authentication also involves remembering, transporting, and making identity information available to various components of a system when that information is needed.

The WebLogic Server security architecture supports: certificate-based authentication directly with WebLogic Server; HTTP certificate-based authentication, proxied through an external Web server; perimeter-based authentication (Web server, firewall, VPN); and multiple security token types and multiple protocols. In the WebLogic Server security architecture, an Authentication provider is used to provide these authentication services.

By default, the WebLogic Authentication provider is configured in the default security realm (myrealm). The WebLogic Authentication provider allows you to edit, list, and manage users, groups, and group membership. User and group information is stored in the embedded LDAP server.

The Minimum Password Length attribute applies to the password used to define users in the embedded LDAP server used by the WebLogic Authentication provider to store user and group information. The Control Flag attribute is the Java Authentication and Authorization Service (JAAS) control flag that determines how the LoginModule for the WebLogic Authentication provider is used with LoginModules for other Authentication providers configured in a security realm.

You can use a Custom Authentication provider instead of the WebLogic Authentication provider. For a Custom Authentication provider to be available in the WebLogic Server Administration Console, the MBean JAR file for the provider must be in the WL_HOME\lib\mbeantypes directory.

Table 1-8

Attribute Label	Description	Value Constraints
Name	The name of this configuration. WebLogic Server uses an MBean to implement and persist the configuration. MBean: weblogic.security. providers.authentication. DefaultAuthenticatorMBean Attribute: Name
Description	A short description of the WebLogic Authentication provider. MBean: weblogic.security. providers.authentication. DefaultAuthenticatorMBean Attribute: Description	Default: "WebLogic Authentication Provider"
Version	The version number of the WebLogic Authentication provider. MBean: weblogic.security. providers.authentication. DefaultAuthenticatorMBean Attribute: Version	Default: "1.0"
Minimum Password Length	The minimum number of characters required in a password. MBean: weblogic.security. providers.authentication. DefaultAuthenticatorMBean Attribute: MinimumPasswordLength	Default: new Integer(8)
Control Flag	Determines how the login sequence uses the Authentication provider. A REQUIRED value specifies this LoginModule must succeed. Even if it fails, authentication proceeds down the list of LoginModules for the configured Authentication providers. This setting is the default. A REQUISITE value specifies this LoginModule must succeed. If other Authentication providers are configured and this LoginModule succeeds, authentication proceeds down the list of LoginModules. Otherwise, control is return to the application. A SUFFICIENT value specifies this LoginModule need not succeed. If it does succeed, return control to the application. If it fails and other Authentication providers are configured, authentication proceeds down the LoginModule list. An OPTIONAL value specifies this LoginModule need not succeed. Whether it succeeds or fails, authentication proceeds down the LoginModule list. MBean: weblogic.security. providers.authentication. DefaultAuthenticatorMBean Attribute: ControlFlag	Default: "REQUIRED"