I am facing following issue

i created one custom authenticatior and configured in WSL srver (my custom authenticator will authenticate the user from webservices)
and returning success
if (username.length( ) > 0) {
// user authenticated with webservice
} else {
// No Username, so anonymous access is being attempted
}
loginSucceeded = true;
principalsBeforeCommit.add(new WLSUserImpl(username));
//add grous base don webservice response say Manager
principalsBeforeCommit.add(new WLSGroupImpl(“Manager”));
return loginSucceeded;

when i trid to run webcenter portal application jspx login with following code

FacesContext fctx = FacesContext.getCurrentInstance();
HttpServletRequest request =
(HttpServletRequest)fctx.getExternalContext().getRequest();
HttpServletResponse response =
(HttpServletResponse)fctx.getExternalContext().getResponse();
int authSuccess =
ServletAuthentication.login(userName.getValue().toString(),
password.getValue().toString(),
request, response);
System.out.println(“just check…”+authSuccess+” “+ServletAuthentication.AUTHENTICATED);
if (authSuccess == ServletAuthentication.AUTHENTICATED) {
System.out.println(“user authenticated success……..”);
if (request.isUserInRole(“dddddddd”))
;
Subject mySubject;
mySubject = Security.getCurrentSubject();
mySubject.getPrincipals().add(new WLSGroupImpl(“Manager”));

} else {
System.out.println(“user authenticated fail……..”);
}

i got authentication got seccess..
and in jdeveloper folloing error occured

< User Principal could not be found for authenticated user.>
< Failed to get user name>
< WARN_NO_USERS_PATTERN
oracle.security.idm.ObjectNotFoundException: No User found matching the criteria

< An error is encountered while retrieving the policies or permissions.>
<
java.lang.RuntimeException: User Principal could not be found for authenticated user.

please help on this, what could be the reason for these errors as i am also not able to get username in from securityContext Object.

Thanks
Ganesh

We have an application implemented with ADF security.But Once user login with user credentials,we have set documents which are more secured.in order to view those documents user has to enter his credentials again in a pop up window.Once user enter the credentials again how can we validate the user name and password (i,e whether user has enterd right user name and password).we can check the user name with “ADFContext.getCurrent().getSecurityContext().getUserName(); “.But how can we check password is the right password.

Thanks
Baji

If you add security on the page and possible fragments to a role / group then the user should belong to this group. Or you can use the internal role authenticated . With this only the user password must match. Else you need to add user to the right group / role in AD.

And Make sure every authentication providers is on sufficient control flag.

Good luck

when I tried to log in using user1 the operation is failed with the following error “Error 401–Unauthorized”

do I have to use weblogic console to add user1 to group1?
help pls

More on this topic – http://andrejusb.blogspot.com/2009/01/practical-adf-security-deployment-on.html

Andrejus

Ok why don’t you want to use ADF securtity, are you not using Weblogic. then I can understand it. else just configure a ldap security provider and activate ADF security for authentication only , voila.

if you still want to do it yourself then you need to make your own login module (jaas) which does all the ldap handling . Take a look at this article. http://www.theserverside.com/tt/articles/article.tss?l=Pramati-JAAS

thanks

I’m a beginner in Jdeveloper and ADF 11g. Please, give me some help.
We use Active Directory authentication at my firm. I want develop a web application with ADF 11g, but I don’t want use ADF security. How can I achive AD authentication from this web application

Please send some tip to my email
thanks
Gabor

This post was mentioned on Twitter by whitehorsesnl: Whiteblog: Weblogic web application container security part 2 ADF Security (http://bit.ly/ciBCrD)…