|
| Re: configuring security realm for MS-Active Directory |
 |
Tue, 1 Apr 2008 06:44:05 -0700 |
HI
Steps to "Configure a new Active Directory Authenticator...
"
1. Expand :
Security-->realms-->myrealms-->providers-->Authentication.
2. In the right side window click on "Configure a new Active Directory
Authenticator...
"
3. Change the "Control Flag:" to SUFFICIENT
4. Click on "Create".
5. In the "Active Directory" Tab... enter the "Host name"
(your ADS IP Address or DNS Name)
6. In the "Principal:" enter the Admin user details. (Like
CN=xyz,DC=abc,dc=com)
7. Credential: enter the password for the same.
8. Finally Click on "Apply".
9. In the "Users" Tab...enter the "User Base DN:" details.
10. Click on "Apply".
11. Click on "Groups" Tab...enter the "Group Base DN:"
12. 10. Click on "Apply".
13. Restart the WLS.
Now if you explore the USER you can see all the user from ADS.
Coming to you application you:
You have add following component in the "WEB.XML"
<security-role>
<description>No Description</description>
<role-name>role1</role-name>
</security-role>
And Below component in the "WEBLOGIC.XML"
<security-role-assignment>
<role-name>role1</role-name>
<principal-name>Narayan</principal-name>
</security-role-assignment>
Where Narayan is the user from ADS or you can add group name also instead of
user name.
Hope this answers your question. :)
Regards,
|
| Post Reply
|
|
|
|
|
|
|
|
|
|