18 Configuring the Virtual User Authentication Provider
Use the Virtual User Authentication provider to authenticate users who are not defined in the identity store that is configured in the Oracle WebLogic Server security realm.
This chapter includes the following sections:
About the Virtual User Authentication Provider
For complete details about configuring and using virtual user authentication in a WebLogic domain, see Authenticating a User Not Defined in the Identity Store.
Note:
Virtual user authentication is supported only on network ports that are configured for 2-way SSL, with listening servlets using CLIENT-CERT
authentication.
Virtual user authentication is not supported in topologies where:
-
SSL terminates at a front-end proxy
-
Requests are forwarded to a WebLogic Server instance in which SSL has not been enabled
Adding the Virtual User Authentication Provider to the Security Realm
You can use the WebLogic Server Administration Console to add the Virtual User Authentication provider to a security realm.
To add and configure the Virtual User Authentication provider using the WebLogic Server Administration Console, complete the following steps:
- Select realm-name > Configuration > Providers > Authentication, and select New.
- In the Create a New Authentication Provider page, enter a name for the provider, select VirtualUserAuthenticator in Type, and click OK.
- Re-order the authentication providers so that the Virtual User Authentication provider is listed first. See Re-order Authentication providers in Oracle WebLogic Server Administration Console Online Help.
- Select the Virtual User Authentication provider, and in the Configuration > Common page, select
SUFFICIENT
in the Control Flag field. - Click Save.
- Restart WebLogic Server to have the changes take effect.