Igor's Blog

Here's how to add basic HTTP authentication to a Weblogic web service. I've had to do this recently at work and was a little confused at how the role-name, principal-name, etc were related so decided to add this as a note for the future and for anyone else who may be interested.

There are two deployment descriptor files that need modification to add authentication. These are web.xml and weblogic.xml.

The web.xml defines the majority of the configuration. Simply add something like this to it:
 web.xml
...
<security-constraint>
<web-resource-collection>
<web-resource-name>Access to the entire application</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>MyUsers</role-name>
</auth-constraint>
<user-data-constraint>
<description>SSL not required</description>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>default</realm-name>
</login-config>
<security-role>
<role-name>MyUsers</role-name>
</security-role>
...




This sets up authentication for the entire web app without requiring SSL. The role name used is MyUsers, this is just a reference to the actual role that is defined inside the weblogic.xml file.

The next bit of configuration is inside the weblogic.xml file. This is where the role name is connected to the actual principal that may be used to authenticate the web service.
 weblogic.xml
...
<security-role-assignment>
<role-name>MyUsers</role-name>
<principal-name>weblogicuser</principal-name>
</security-role-assignment>
...


This connects the MyUsers role defined in the web.xml to the Weblogic user named weblogicuser. In place of a user, a group can be used too.

The users/groups are defined inside Weblogic under your realm configuration:
wlssecroles.png



That's all there is to it. The web service will now require authentication before any requests are served.

-i

, , , ,
About — I'm an enthusiastic software engineer and consultant interested in many fields including J2EE, programming, electronics, 3D printing, video games, wood working and gardening.
See my Resume for more information.
The views expressed in this blog are my own and not those of my employer.
comments powered by Disqus
My other posts you may like...
Programming, DIY, Games, Hacks, Tech and more.
Follow me on...
Current and Past Projects
See my Resume

Subscribe


RSS Feed

My Other Web Sites

Igor and Elise's Travels
Riverside Expressway Cam
StrFunc() Online
300 George St Blogumentary
Guru JSON-RPC Tester
Extrudifier Object Designer

Recent Blog Posts

Migrating domain email from GoDaddy to Google G Suite

NeoOffice Viewer macOS Word Document viewer vs Preview and Microsoft Word

Importance of cleaning the internal fans and heatsinks in a MacBook Pro

Adding an email subscribe feature to your Blog with Blogtrottr

How to remove Google's logo from your G Suite applications

Pedestal fan transformed into a ceiling fan

Testing the Velvet WiFi Hotshot signal strength

Improving slow download speeds on the PS4 and PSN

Add batch image resize functionality to macOS using Automator

Show transfer percentage and speed when copying files in Linux and Bash

Recent Galleries

Space Food - Chocolate Ice Cream with Chocolate Chips

Legeod Star Wars AT-DP kit

DIY spare parts computer build with a RAIDMAX Anura case

Fake 'Lepin' brand Lego packaging

Hardwood garden bench with clear resin void filler

Fixing a 3D printer extruder that stopped heating up

Easily increase disk space in a Lenovo Ideapad 100S 14" laptop with an M.2 SSD

Making a multi-piece 3D printed solder spool holder stand

DIY indoor apartment grow light wiring

Good Friday Electronics fun Easter Bunny LED PCB Kit IBEABU-01.0

Top Categories

Blogs I follow

Matt Moores Blog
Georgi's FlatPress Guide
Perplexing Permutations
The Security Sleuth

Friends

RAWS Parts Online
Alpha Dimensions Hosting
Kristensen Photography
Ilia Rogatchevski
Travelling Fairy

Blog Activity

Blog Activity
Please follow me on...