WebLogic Security Realm is a collection of configuration that protects a WebLogic Domain, its application and resources. Until WebLogic Server 10.3 the default store (Security Provider Database) used for security configuration such as users, groups, roles, policies etc. is the Embedded LDAP Server. But many customers want to externalize these information from WebLogic's Embedded LDAP Server. Different options are available only to externalize the authentication information to an external LDAP server, RDBMS etc. But still other information like authorization information, role mapping etc. stayed within the Embedded LDAP server.
With WebLogic Server 10.3 now you can choose to use an external RDBMS as a security provider database to store all security provider information. This removes the dependency of Embedded LDAP server. The other options is to build custom security providers which can use properties file as security provider database. Now you can build a WebLogic domain with no dependency to bundled Embedded LDAP server.
See http://edocs.bea.com/wls/docs103/secintro/realm_chap.html#wp1033627 for more info on how to configure a RDBMS based security provider database. One of the key thing to note is that the tables should be manually created using the appropriate *.sql file available from BEA_HOME/wlserver_10.3/server/lib directory. The domain's security provider database can be based on RDBMS when you create the domain using Configuration Wizard or later using Administration Console. Also the default Authentication Provider that comes with the default security realm - myrealm is Embedded LDAP based. So if you want to completely avoid the dependency with Embedded LDAP server then after the domain is created you have to create an Authentication provider that will use an external user repository (RDBMS, external LDAP etc.)
You can configure a domain to use RDBMS based security provider database during the domain creation using Domain Configuration Wizard.
But make sure that the tables are created before starting the Administration server according to the *.sql files provided with WebLogic installation.
If you created the domain with the default configuration (Embedded LDAP server as the security provider database) then you can change the domain configuration later to use RDBMS based security provider database.
Will meet you all with more exciting new features from Oracle WebLogic Server 10gR3!
Quench your OFMW learning thirst! - When was the last time you picked a book and read it. In this ever moving technological world pick 2 ebooks not just one, but for the price of one book f...
3 years ago