Administration Console Online Help

Previous Next Open TOC in new window
Content starts here

Configure Custom Authentication Configuration Providers

The Java Authentication Service Provider Interface for Containers (JASPIC) specification (Java Authentication Service Provider Interface for Containers) defines a service provider interface (SPI) by which Authentication Configuration Providers that implement message authentication mechanisms can be integrated in server Web application message processing containers or runtimes.

The JASPIC Authentication Configuration Provider assumes responsibility for authenticating the user credentials and returning a Subject. That is, if you configure an Authentication Configuration Provider, it is used instead of the WLS authentication mechanism for Web Applications. WebLogic Server then treats this Subject as it would all others. Authentication Configuration Providers integrated through this interface operate on network messages provided to them by the WLS container. They authenticate incoming Web application messages and return to their calling container (WLS) the identity (the expected Subject) established as a result of the message authentication.

For a custom Authentication Configuration Provider, you specify the class name of the Authentication Configuration Provider, plus any configuration properties for that provider.

To configure a custom Authentication Configuration Provider:

  1. If you have not already done so, in the Change Center of the Administration Console, click Lock & Edit (see Use the Change Center).
  2. In the left pane, select the name of the domain for which you want to configure a custom Authentication Configuration Provider (for example, wl_server).
  3. Select Security > JASPIC > General.

    The JASPIC general page appears.

  4. Ensure that the Enable JASPIC control is set for this domain.
  5. Select Security > JASPIC > Authentication Configuration Providers.

    The JASPIC Authentication Configuration Providers page for the domain appears.

  6. Click New.
  7. From the drop-down list, select Create a New Custom Authentication Configuration Provider.
  8. On the Create a New Custom Authentication Configuration Provider page, set the desired values on the Name and Class Name fields.

    You can accept the suggested name of CustomAuthConfigProvider-0, or use another name of your choice. The Class Name is dependent on the implementation of your custom Authentication Configuration Provider.

  9. Enter the configuration properties for the custom Authentication Configuration Provider in the Configuration Properties text box.

    Each property must be on a separate line. For example: property1=value1.

  10. Click Finish.
  11. To activate these changes, in the Change Center of the Administration Console, click Activate Changes.
    Not all changes take effect immediately—some require a restart (see Use the Change Center).

Back to Top