Using Multiple Authentication Providers with WebLogic Portal
If you are storing users, passwords, and groups in an authentication provider outside of WebLogic Server (such as an RDBMS user store or an OpenLDAP server), you can connect that provider to WebLogic Server (assuming it is a supported type), and the users in that external provider can log in to your portals. In addition to the default LDAP authentication provider, WebLogic Server and WebLogic Portal support the use of multiple authentication providers.
As a portal administrator, multiple authentication providers matter to you for a number of reasons. You may want to:
Note: If your external user store contains additional properties for users and groups (for example, e-mail and phone), accessing those properties involves separate development steps for creating a unified user profile. See Unified User Profiles Overview in the WebLogic Workshop help system for details.
The following steps guide you through the process of setting up multiple authentication providers for use with WebLogic Portal.
The default configuration for supported external authentication providers is read-only access to users and groups from the WebLogic Administration Portal (or WebLogic Server Administration Console). To provide write access to external users and groups from the WebLogic Administration Portal, the authentication provider must be developed to allow write access. WebLogic Server's Default Authenticator and portal RDBMSAuthenticator provide write access by default.
If a provider does not allow read access, you can still create profiles for users and groups in that provider in the WebLogic Administration Portal, as well as add users or groups in that provider in roles for Delegated Administration and Visitor Entitlements.
Changes to Authentication Provider Settings
If you make changes to any authentication provider configuration in the WebLogic Server Administration Console, be sure to restart the server. Restarting the server prevents exceptions in the WebLogic Administration Portal.
Removing Authentication Providers
If you remove an authentication provider (in the WebLogic Administration Console), be sure to also remove the provider from the WebLogic Administration Portal in Service Administration --> Authentication Hierarchy Service. In the "Provider to Remove from Build List" field, enter the name of the provider you want to remove and click "Update & Build Tree."
Related Help Topics: