Note: You are not limited to these LDAP Authentication providers. To use an LDAP server other than the supported LDAP servers, choose the LDAP server type that has the closest defaults to the LDAP server you want to use and modify the attribute values accordingly.
Note: When configuring
an LDAP Authentication provider, the value you enter for
principal on the
Provider-Specific tab must be an LDAP
administrator who has the privilege to search users and groups in the
corresponding LDAP server. If the LDAP administrator does not have
privileges to search the LDAP server, an LDAP exception with error
code 50 is generated.
Note: The WebLogic SAML Authentication provider can be used with both the SAML Identity Asserter (for SAML 1.1) as well as the SAML 2.0 Identity Asserter to allow virtual users to log in. For important usage notes, see Configuring the SAML Authentication Provider.
Oracle recommends that you configure the Password Validation provider immediately after configuring a new WebLogic domain. The Password Validation provider, which is included with WebLogic Server, can be configured with several out-of-the-box authentication providers to manage and enforce password composition rules. Whenever a password is created or updated in the security realm, the corresponding authentication provider automatically invokes the Password Validation provider to ensure that the password meets the composition requirements that are established. For more information, see Configure the Password Validation provider.
In addition, you can use a Custom Authentication provider which offers different types of authentication technologies. For more information, see Configure custom security providers.
Each security realm must have one at least one Authentication provider configured. The WebLogic Security Framework is designed to support multiple Authentication providers (and thus multiple LoginModules) for multipart authentication. Therefore, you can use multiple Authentication providers as well as multiple types of Authentication providers in a security realm. The Control Flag attribute determines how the LoginModule for each Authentication provider is used in the authentication process. For more information, see Set the JAAS control flag.
To configure an Authentication or Identity Assertion provider:
The Create a New Authentication Provider page appears.
If you are configuring multiple Authentication providers, refer to Set the JAAS control flag.