11 Configuring the WebLogic Authentication Provider
This chapter includes the following sections:
About the WebLogic Authentication Provider
DefaultAuthenticator
. You need to configure a WebLogic Authentication provider only when creating a new security realm. However, note the following:
-
The WebLogic Authentication provider is configured in the default security realm with the name
DefaultAuthenticator
. -
User and group names in the WebLogic Authentication provider are case insensitive. For information about creating and managing users and groups in the WebLogic Server Administration Console, see Manage users and groups in the Oracle WebLogic Server Administration Console Online Help.
-
Ensure that all user names are unique.
-
Specify the minimum length of passwords defined for users that are stored in the embedded LDAP server, which you can by means of the Minimum Password Length option that is available on the Configuration > Provider Specific page for the WebLogic Authentication provider.
-
Users in the WebLogic Authentication provider can be modified to include a set of attributes. See Setting User Attributes.
-
If you are using multiple Authentication providers, set the JAAS Control Flag to determine how the WebLogic Authentication provider is used in the authentication process. See Using More Than One Authentication Provider.
Setting User Attributes
Table 11-1 Attributes that Can Be Set for a User
Attribute | Description |
---|---|
|
Two-letter ISO 3166 country code |
|
Code for department to which the user belongs |
|
Preferred name of the user |
|
Numeric or alphanumeric identifier assigned to the user |
|
Type of employment, which represents the employer to employee relationship |
|
Facsimile (fax) telephone number |
|
First name; that is, not surname (last name) or middle name |
|
Home telephone number |
|
Home postal address |
|
Name of a locality, such as a city, county or other geographic region |
|
Electronic address of user (email) |
|
Mobile telephone number |
|
Pager telephone number |
|
Postal address at location of employment |
|
Post office box |
|
User's preferred written or spoken language |
|
Full name of state or province |
|
Physical location of user |
|
User's telephone number in organization |
|
Title representing user's job function |
When you set a value for an attribute, the attribute is added for the user. Likewise, if you subsequently delete the value of an attribute, the attribute is removed for the user. The set of available attributes is limited to the preceding list, however. The attribute names cannot be customized.
These attributes can be managed for a user by operations on the UserAttributeEditorMBean
, or viewed using the operations on the UserAttributeReaderMBean
.
For more information about setting, modifying, or viewing the attributes for a user created in the WebLogic Authentication provider, see Manage values for user attributes in Oracle WebLogic Server Administration Console Online Help.