Authenticate

WebLogic Server supports access to REST APIs over HTTPS. To access Oracle WebLogic Server REST APIs over HTTPS (that is, SSL/TLS), you must enable the domain-wide administration port. The administration port accepts only secure, SSL traffic, and all connections via the port require authentication by a server administrator. For information about enabling domain-wide administration port, see Configure the domain-wide administration port in Administration Console Online Help for Oracle WebLogic Server.

The Oracle WebLogic Server administrator has full control over the certificate authority (CA) configured with WebLogic Server to enable clients to connect securely over HTTPS. WebLogic Server supports the use of commercial certificate authorities. If you want to access WebLogic Server REST resources over HTTPS, then you must provide the following information for authentication:

• An SSL certificate authority (CA) certificate file or bundle to authenticate against any commercial CA certificate.

• User name and password for your WebLogic Server Administrator account.

For example, to authenticate using cURL:

• Set the cURL environment variable, CURL_CA_BUNDLE, to the location of your local CA certificate bundle. For information about CA certificate verification using cURL, see: http://curl.haxx.se/docs/sslcerts.html.

• Pass the user name and password for your WebLogic Server administrator account using the --user cURL option.

• Pass the <request-header> custom request header using the -H cURL option.

The following provides an example cURL command:

curl -i -X GET --user <username>:<password> -H <request-header>:<value> https://<subdomain>.<domain>.com:<port>/<resource-path>