This article describes how to configure an Oracle SOA security provider for Active Directory. Follow the example steps below to complete the configuration.
1. Log in to the WebLogic Console (http://host:port/console) and go to:
Security Realms -> myrealm -> Providers
2. Click on “New” to create a new provider. In this example, the provider is called AD.
You must select ActiveDirectoryAuthenticator as the provider type.
3. You should now have the following list of providers (see screenshot below). At this point, reorder the provider list so that AD is the first one. This step is needed for the Worklist application; otherwise you will not be able to log in to Worklist with AD users.
After reordering you should have the following list of providers:
4. Click on the AD provider, open the Provider Specific tab, and set:
User Base DN: CN=Users,DC=ad,DC=techpaste,DC=com
Group Base DN: CN=Groups,DC=ad,DC=techpaste,DC=com
The rest you can leave unchanged for now. Click Save.
Note: If the CN is different from sAMAccountName in AD, consider changing “User Name Attribute” to sAMAccountName.
5. Next, edit BOTH the AD and the DefaultAuthenticator providers and set
Control Flag: SUFFICIENT
With SUFFICIENT on both, a user who authenticates against either provider is accepted, and a failure in AD falls through to DefaultAuthenticator.
6. Restart the Admin server and the SOA managed server to activate the changes.
7. Create a new user in AD.
8. In the WebLogic Console, look at “Users and Groups” in “myrealm”. You should see the new AD user listed there.
9. Now try to log in to the Worklist app (http://host:port/integration/worklistapp/) using the new user created in AD. You should be able to log in with the newly created user.
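Why steps 3 and 5 matter, as an added example that is not part of the original article: the sketch below models JAAS control-flag evaluation over the ordered provider chain. The user names, the in-memory user stores and the "before" flags (AD at OPTIONAL, DefaultAuthenticator at REQUIRED) are assumptions made for illustration.

```python
# Added example: JAAS control-flag evaluation over a WebLogic provider chain.
# User names, stores and the "before" flags are constructed for illustration.
MANDATORY = ("REQUIRED", "REQUISITE")

def authenticate(chain, user):
    """chain: ordered (provider_name, control_flag, known_users) tuples.
    Returns (accepted, providers_consulted)."""
    consulted, mandatory_failed, any_success = [], False, False
    for name, flag, users in chain:
        consulted.append(name)
        ok = user in users              # stand-in for the provider's LDAP bind
        any_success = any_success or ok
        if flag == "REQUIRED":
            mandatory_failed = mandatory_failed or not ok  # continue either way
        elif flag == "REQUISITE":
            if not ok:
                return False, consulted                    # stop on failure
        elif flag == "SUFFICIENT":
            if ok and not mandatory_failed:
                return True, consulted                     # stop on success
        elif flag != "OPTIONAL":
            raise ValueError("unknown control flag: %s" % flag)
    if mandatory_failed:
        return False, consulted
    if any(flag in MANDATORY for _, flag, _ in chain):
        return True, consulted          # every mandatory provider succeeded
    return any_success, consulted       # only SUFFICIENT/OPTIONAL configured

AD_USERS = {"jdoe"}          # constructed AD account
LOCAL_USERS = {"weblogic"}   # constructed embedded-LDAP account

# After step 3 (AD first) but before step 5; flags assumed left at defaults.
BEFORE = [("AD", "OPTIONAL", AD_USERS),
          ("DefaultAuthenticator", "REQUIRED", LOCAL_USERS)]
# After step 5: both providers SUFFICIENT.
AFTER = [("AD", "SUFFICIENT", AD_USERS),
         ("DefaultAuthenticator", "SUFFICIENT", LOCAL_USERS)]

if __name__ == "__main__":
    for label, chain in (("before", BEFORE), ("after", AFTER)):
        for user in ("jdoe", "weblogic", "nouser"):
            print(label, user, authenticate(chain, user))
```

In the AFTER chain, local accounts such as weblogic still authenticate through DefaultAuthenticator, so those credentials remain a valid login path alongside AD.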