Oracle SOA Security Provider Configuration

In this article we will discuss oracle soa security provider configuration for Active directory. Please follow below example steps to complete the configuration.

1. Login to Weblogic Console ( http://host:port/console) and go to:
Security Realms -> myrealm -> Providers

2. Click on “New” to create a new Provider. In the below example, this provider is called AD.
You must select ActiveDirectoryAuthenticator as provider type.
Click OK.

Create New Authentication Provider Weblogic

3. Now , you should have the following list of providers (see screenshot below). At this point we need to reorder the provider list so that AD is the first one. This step is needed for Worklist application, otherwise you will not be able to login with the AD users in Worklist.
Authentication Providers Weblogic
After reordering you should have the following list of providers:
Reorder Authentication Providers Weblogic

4. Click on AD provider and then open the tab Provider Specific.

Example :

Host: sampleAD.techpaste.com
Port: 389
Principal: CN=Administrator,CN=Users,DC=ad,DC=techpaste,DC=com
User Base DN: CN=Users,DC=ad,DC=techpaste,DC=com
Group Base DN: CN=Groups,DC=ad,DC=techpaste,DC=com

The rest you can leave unchanged for now. Click Save.

Note : If the CN is different than sAMAccountName in AD, then consider changing “User Name Attribute” to sAMAccountName.

Active Directory Authentication Providers Setup Weblogic

5. Next step is to edit BOTH the AD and the DefaultAuthenticator provider and set
Control Flag: SUFFICIENT

Settings For Active Directory Setup in Weblogic

Settings For Default Authenticator AD Setup in Weblogic
6. Restart Admin and SOA managed server to activate the changes.

7. Create a new User in AD .

8. Look in Weblogic Console at “Users and Groups” in “myrealm” . You should be able to see the new AD user listed there.

9. Now try to login to Worklist app (http://host:port/integration/worklistapp/) using the new user created in AD. You should be able to login with the newly created user .

Leave a Reply